Перейти к содержанию
Правила раздела

[РЕШЕНО] касперский нашел HEUR:HackTool.Win32.Convagent.gen в файле svchos.exe

Vadya

Автор Vadya
в Помощь в удалении вирусов

 Поделиться

Рекомендуемые сообщения

Vadya

Vadya

Опубликовано
Опубликовано (изменено)

здравствуйте. история такая. прошло почти две недели как прошлый раз проверял комп курейтом. думаю дай сегодня проверю  курейтом лучше перебдеть чем недобдеть.   и как только курейт проверил   в папке program data/чего то там/ файл  svchos.exe  касперский поднял алерт  HEUR:HackTool.Win32.Convagent.gen и удалил этот файл. проверил папку эту она создана аж 23 апреля почему раньше касперский  алерт не поднимал не понятно, то ли вирус подменил этот файл на зловред, то ли база обновилась и там стали бить тревогу на этот фаил не понятно. хочу, что бы вы проверили, что бы моя душа была спокойна. курейт ничего не нашел.

кстати еще вопрос почему автологер пишет 5. поиск кей логеров и сборщиков клавиатуры отключена пользователем? я ж не отключаю ничего как в инструкции написано так и делаю?  

CollectionLog-2023.06.19-18.44.zip

Изменено пользователем Vadya
Ссылка на комментарий
Поделиться на другие сайты
mike 1

mike 1

Опубликовано
Опубликовано

Внимание! Рекомендации написаны специально для этого пользователя. Если рекомендации написаны не для вас, не используйте их - это может повредить вашей системе.

Если у вас похожая проблема - создайте тему в разделе Уничтожение вирусов и выполните Правила оформления запроса о помощи.

 

Здравствуйте! 

 

Закройте все программы, временно выгрузите антивирус, файрволл и прочее защитное ПО.

Важно! на Windows Vista/7/8 AVZ запускайте через контекстное меню проводника от имени Администратора. Выполните скрипт в АВЗ (Файл - Выполнить скрипт):

  

begin
ExecuteWizard('TSW',2,2,true);
RebootWindows(false);
end.

 

Внимание! Будет выполнена перезагрузка компьютера

 

Пофиксите следующие строчки в HiJackThis (используйте версию из папки Автологгера)

  

O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\dwt-6860-5288-ec389fabd.sys -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\dwt-6860-5288-ec62bbeee.tmp\catfile-se.db -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\dwt-6860-5288-ec62bbeee.tmp\cathash-se.db -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\dwt-6860-5288-ec62bbeee.tmp\certs-6860-5288-ec62f49d0.tmp.db -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\dwt-6860-5748-fe07fd9a1.sys -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\fshc-6860-5288-ee5b4bbf4.tmp.db -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\033E3lkCbY -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0BU3K4D1jpNk -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0dgqmrhIrZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0iaWDcLUDlj5hB0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0iITO5j2kuebGwi.exe -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0je2PYSfq -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0lEqk6XGulaN -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\11c8MZHTbO3F -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\1MkXjmM47xtPfiz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\1o3zpg8AUz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\2eIUt395p -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\2I6Df0XGsgem -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\2VdJALo9LeqRB -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\2yQ1FdRmCn -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3EFoTJL4cqqAgm -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3eZhxxkmjdXr -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3ga88ngcYS2rL -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3GCQFqmZQ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3ILDi6DwhVUp3i -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3qQLxT7WJV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4dXbHKBCJUxNuS6 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4G7JekTZxTV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4gIWMYi8N -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4mlkvlUJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4o0kSPv5tx -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4S9fskTK3ksr -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4X9QDlEJV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5blWRurBmZxk -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5GPujW3R -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5NrQUK70r -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5oRVN4EZ3FqhmF -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5rmhcEiUN2uwZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5T1mAo8G -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\65dJtw3RE6Pi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\6CnFQ8O70R -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\6G0QfZj399yGG6J -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\6oFP4luEZWphBN -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\6v5zatdGU -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\7HRNIpGnRC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\7QQucmL89 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\7XvfKDp8kvvxPx -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\85LbfJRoG37 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8AiKyZ5agnnY8w -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8C2VEoFOEpa -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8DdbCV67XrF4N -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8F0ffg9Ntk2EK -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8I4dXf4yJZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8nbOz4SU7 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8Sc8diHg1 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\9ak0OR8dxDmSkJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\9J4wexeghMfG5 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\9MmRUPU73bwv -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\9xKyXgGAxFR7Rp -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\a3Jw0JdESNGb -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\A9pWuNec -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ABcRKndt5V -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\AdiQZWS8 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\aEwgf5ITY -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\AGgcwwRloS -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Ah02LCccmG2Xr -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\AmCN0eyz5 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\aMV0mHpt -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ApJJm6LkFJ0t1ix -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\aRph11ZV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\aWzrZXrEeZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\aXiRliUbW7iv -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\B33xJAkA9CU91Z -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\b3WcbR24uR -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ba8h6JcZ649vFa -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\BcmkE619Ks -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Bds4BDPmcY -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\BeKY16ZJ8 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\bMGKajCOM7WE6N -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\bmijpnhTeKES -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\BmxgwScxzX -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\bPLkZOC8b -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\bq3AZdK0oZFJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\BsHN7CbStT0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\bWX8Mp2XU08Z -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Bxn2s8O3j2b7nBt.key -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Bzq17G8370LwmT -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ccsdk.dll -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\CjlM9bkI -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\cJVKgR9TqJWK3R -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\CLic3YiXISrjta -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\CmFe2ln1ehc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\cMpTTpRyd6R -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\CNWIQ0jla0Holrc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\CoIT2fY5l6 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\cVFBIMgPz2zL -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\cXVG0Ck86BZinDy -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\D1h2cJqmy0K9r -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\d2B0WM6Ey -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\D5gHzRRSkGfjvu -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\dCDMDzNI9jUZer -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Dk3XK0LV53M -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\dkIHlTDwSow -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\dMakBUDDq -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\DQYtOUHfnVXt7Le -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\drwbase.db -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\DVAULSFhkKHCw.dll -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\DYGTs2T3Ci2 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\e2FgKABWjd8yUNl -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\E3XEDgtF9 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\e7ddWKfXS5 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ebd4de7d3.sys.2841f53 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ebd4de7d3.sys.2841f53.28427fd -> DELETE
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\EBue9Vk1T -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\EHgceuj14Jfh -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\en.chm -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\eP3EUeQO2tV5GEl -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\epzCup3piG -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ez1fZpeQ7UE0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\F7Lfe0oVDSszfd -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\f8NGfa1qQsxpK -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\f9Bc1lZ3u3Ph -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\FBZbC2yjRB -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ffZxhfFNp4qtZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\fjgf3oubBnZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\frhnVg7phUiOM -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\g2DAy3PJskqkBTD -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\g7AUsTTjnhKxF79 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\gbvH8qPRzK -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\gct5IMXqq6 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\GEIYoFwmM -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\GoUVd9LomP -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\gWjVnCFeNCo -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\GzGORh9ZQUfe -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\hcmO87UKHx26CH8 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HcOPfhWc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HDmTYdEhjB2 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HhEM7JH90PGfS7 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HIFCmQoju -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\hkLcHWWSns -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\hoBSV5q4f3 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HoPnIv6ciVt78G -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HPTLicQSL6KeZZc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HSHPq6UyYitn3U -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HzEAQvm4Y3P3 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\I4fjlMkpv -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\IcO4noR1xRf -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ikChaWxG5 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\IkWIarGvzo -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ilr16UJNsxdS7 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\isURO3FnCjYPc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\IwkcnOTV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\J5VztcCO -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ja.chm -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\jA67dyYPSlM -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JahuuYOktxUj -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\jBqaSMCMNtp -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JceCm74e.exe.2841f72 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JceCm74e.exe.2841f72 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\jHaaqk7G -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Jhu6vQ2rIFyHc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\jIslVkGe3c -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JN9WRwx2 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JnAWrY2aYKX3 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JpeMQu5HXtiAYIb -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\k0oCYWCjt7GN -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\KCjDeiipa -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Kh7sh9ixb8EGT2F -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\kJ023MqkZBX7Lj -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Kqj5dlsiux -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ku21WrfcnNzV63 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\kVta9bTlIQixuDi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\KwL5H5GB7ON -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\KyanRwlu -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\KYRhmW8ouk -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\L35Cl0c0nGXZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LBHCKM060 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LBIhoWlo0uFu -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\lDMrslHhg2ffjC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LFSDrEJYegtD -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\lfu2pmsrC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LgChSUvRh -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\lhrHYyfDr3UiM4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\lLp9EVm2 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LnsTGN5tJEq -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LSJd3tn5 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\M0WXPbOBC8d -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\mANp4WMiysc8LH -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\MATUaT5T3S -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\MNh62jztKPv6zs.exe -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\MqEWoZNCuDt -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\mVcDu0kax5hfV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Myu7EGnCmpRDsz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\myvhE00WoSZth -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\MzBRAx1Om1mrY -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\n4SMrig9TTKlT5O -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\NDiE4aKX -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\NgvaB35Gxx -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\nhGjVv6CA -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\nKNVJRQ0Ecim -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\NXjlYmob -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\o6qnvvSeklY7veS -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\O81N2vlsJzTfF -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oe5yTa7bY7bsgL -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oEG5Eaq1F84Cfm -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\of0hGsbp31AT -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oneaBy2meT -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oQs4LUyJ8C -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oSYQrX1412VUZnP -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Ov4TKDOHA -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oxuTCDkOGGj8L8 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\P6ccda7a8xTF5Ic -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\pHLJ8J42gC7j -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\PJvVnJPQGIisnG4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\PPHMobY4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\PTjW87XS4Yl -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\pZ8aB9FhWSEO -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\qEYhrM0vd -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\qgCbt2hf -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\QILyqMxgckx6gi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\QiYryZdInAsjat -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\qME6QyMXC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\QpnNoRZ23X8lF -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\QXhGRcI4u -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\qXR7dEG7lc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\QYcUErzKSp0MKaz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\R6qSZEGNFyLV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\rBqyfjNaDvJ8oA1 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\rD2FPdjrTLDlFtu -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\REAyfgjXkRMGE -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\rf0yGuaufFXNd -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Rf4ShcNcYYS -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\rGnRi7SmC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\RJ5xGPKaDBr7s -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\RKp8RYOjd55PAdT -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\RMfQAzW6p3X -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\RpmTmI62u -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\RTluN006N0L -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ru.chm -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\s4eMgzkZ1o2Ce -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\sgOBhw30H6wYarJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\sTv03BXwL -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\sVO5eeCB3SVAv -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\SvRE2KNt0t -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\T73jyQYA -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\tc26R3rOxz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\tcEBzs4O9lLeo -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\tCLKoZZi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\te2BoKfQ1RxRzn -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\thS3Cpa2I1tqUlp -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\TrNdZjrV0kuW -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\UayVOxrwGOn -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\uGA29yi5YvRHHF -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\UiZMYrsoBgMLK5Z -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ULg1LsshSsxEmm3 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\UmTDgaStJrYc2 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Uq0BfXING40hI -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\uRR82tlZt3U -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\UV5OcDMPP -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\uYvY1Z3mfT -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\V5CVRTynaJw5x -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vFPZeruCrFqf5k0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vgzQJfF4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\VKJdQVDBrd -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Vlf2ih6u5ee0Xu.exe -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\VMZknVUjHR08I4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vnLN5bqNQVhl6 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vQ8324sYpg -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vQogStzrvcjwt -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vqVhXVZrw4VmJM -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vRzW0dW6aPra.dll.2841fd0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vRzW0dW6aPra.dll.2841fd0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vT25cBGvE -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vwTyBpWnf8OlL4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\wD5lfCsWkLz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\wevpRZ4JxhC3M -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Whtbvrre -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\WuW1Ajd0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\WW1g7Dmv6y73 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\wXwDEIUx -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\x8DtBG1YgM -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\x9VpcM6h -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\xG2uPx7833Gs -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\xjSHhZp5w4Avaj -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\xR6D51VIqV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\xv9RH9xPnSIsU -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\xYXEZoV3MrhOeC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Y1YnojCKKfShSAQ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Y4MiU8PF3dt -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Y6PSNZB0IrKe75C -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\YcykB7QV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\yfFzawuKXYrUQ1B -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ygruxYt454djBMi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Yiaenj3iotf8J7A -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Yku0ufJ2KS -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\YlkTzeoBAKqZ6O -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\YNFIhZ2s4kN -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ynXG37Sq -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\YOiX7T0Fg -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\YuXma6wYz01c5mJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\yxutNBlO -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\z3TQGvRgs5M -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\z8sMbFVkZ2n -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\zAUZshLRP7jmEJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZAyJbJbhUJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\zCFsmnfD1A4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ze8tnf7Qk7HuNi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZfxK38cf4xXJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZHZVfOmxk -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZIijTUOR -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZJBlQkxwBEK5EW -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ztSFwmd3A.dll -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZVJzDc5ZKxrwbi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZVxebVQOmjD0T6 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZWvt7mJu -> DELETE (file missing)

 

Сделайте новые логи Автологгером. 

Ссылка на комментарий
Поделиться на другие сайты
Vadya

Vadya

Опубликовано
  • Автор
Опубликовано
52 минуты назад, mike 1 сказал:

Выполните скрипт в АВЗ (Файл - Выполнить скрипт):

сделано.

53 минуты назад, mike 1 сказал:

Пофиксите следующие строчки в HiJackThis

в этом вопросе мы с вами по кругу ходим еще прошлый раз я писал, что HiJackThis ни одной строчки из вашего сообщения не находит как их фиксить если он их не видит? 

джек.jpg

Ссылка на комментарий
Поделиться на другие сайты
  • 4 недели спустя...
mike 1

mike 1

Опубликовано
Опубликовано

Мы были рады Вам помочь! Надеемся, что Вы остались довольны результатом. На нашем форуме также можно получить компьютерную помощь, помощь по продуктам "Лаборатории Касперкого", обсудить технологии и технику, заказать эксклюзивную сувенирную продукцию "Лаборатории Касперского" бесплатно! Форумчане ежегодно путешествуют. В числе приглашенных в ТурциюАрмениюСочиКамбоджу можете стать и Вы! Будем рады видеть Вас в наших рядах! Всегда ваш, клуб "Лаборатории Касперского".

Ссылка на комментарий
Поделиться на другие сайты
Гость
Эта тема закрыта для публикации ответов.
 Поделиться
Перейти к списку тем

  • Похожий контент

    • Barrrin
      касперский нашел Trojan.Win32.Penguish.bzb
      Автор Barrrin
      Снова здравствуйте, сегодня антивирус касперский нашел файл Trojan.Win32.Penguish.bzb и удалил его, но для успокоения себя я все таки решил обратиться за помощью. Потому что очень странно откуда появляются трояны, учитывая насколько я осторожно пользуюсь пк и не скачиваю ничего со сторонних сайтов, а только с официальных источников 
      CollectionLog-2024.06.26-15.42.zip
    • Quester1337
      [РЕШЕНО] Dr.Web CureIT нашел вирус NET:MALWARE.URL
      Автор Quester1337
      Во время скачивания файлов из сторонних ресурсов, я провел сканирование др.вебом и он обнаружил вот такую проблему, повторное сканирование в таких же условиях ничего не обнаружили. Логи прикрепляю.

      CollectionLog-2025.05.01-13.34.zip
    • Solnepek7
      [РЕШЕНО] Касперский не видит майнер
      Автор Solnepek7
      Помогите пожалуйста, никак не могу найти майнер на ноутбуке. Почему думаю что майнер, потому что при включении диспетчера задач или process exp, ноут сразу затихает и вентиляторы не крутятся, как только диспетчер закрою, сразу большая активность. Сижу битый час общаюсь с DeepSeek, он там что то рекомендует, но не видит(я скрины ему кидал). Скачал SystemInformer (process hacker тот же), тут уже интереснее, при закрытии диспетчера cmd.exe грузит CPU до 33% и жрет 2.4гб памяти, но в дереве процессов не могу найти этот искомый файл что так грузит и запускается через команду. При открытии диспетчера process hacker сразу показывает что cpu в норме, 99% простаивает и файл закрывается. То есть при открытии диспетчера майнер закрывается, с помощью  process hacker не получается найти, банально не понимаю куда тыкать, да же с помощью нейрухи, deepseek иногда говорит несуществующие вкладки. Пришёл к реальным людям)
      Логи прикрепил, в безопасном режиме включал, всё тихо, шума нет, 99% простой системы. 3 раза сделал полную проверку касперским, не видит
      CollectionLog-2025.06.11-19.09.zip

    • Андрей2029
      Касперский и сервисы Adobe
      Автор Андрей2029
      Добрый день. С недавнего времени каждый день по несколько раз за день вижу такое окно.
      Если добавить в исключение, окно вылазит снова на следующий день. Если разорвать соединение, таких окон вылазит несколько штук и ситуация повторяется в этот же день или на следующий. 
      Почему сервисы Adobe вдруг стали не милы Касперскому и как ситуацию исправить?
       

    • Milink
      [РЕШЕНО] Подозрение на майнер
      Автор Milink
      скачал игру с торрента, после чего в браузере Chrome после каждого перезапуска пк начало устанавливаться левое расширение якобы Adblock. Так же в temp появляется папка 2xzjMMUGjeobOYtjoc0gOuMKKHC. Пробовал чистить антивирусами - не помогло.
      Нашел решение, avz скачал, Autologger я так понимаю тоже надо качать: 
      Актуально ли оно?
       
×
×
  • Создать...