Перейти к содержанию
Правила раздела

[РЕШЕНО] касперский нашел HEUR:HackTool.Win32.Convagent.gen в файле svchos.exe

Vadya

Автор Vadya
в Помощь в удалении вирусов

 Поделиться

Рекомендуемые сообщения

Vadya

Vadya

Опубликовано
Опубликовано (изменено)

здравствуйте. история такая. прошло почти две недели как прошлый раз проверял комп курейтом. думаю дай сегодня проверю  курейтом лучше перебдеть чем недобдеть.   и как только курейт проверил   в папке program data/чего то там/ файл  svchos.exe  касперский поднял алерт  HEUR:HackTool.Win32.Convagent.gen и удалил этот файл. проверил папку эту она создана аж 23 апреля почему раньше касперский  алерт не поднимал не понятно, то ли вирус подменил этот файл на зловред, то ли база обновилась и там стали бить тревогу на этот фаил не понятно. хочу, что бы вы проверили, что бы моя душа была спокойна. курейт ничего не нашел.

кстати еще вопрос почему автологер пишет 5. поиск кей логеров и сборщиков клавиатуры отключена пользователем? я ж не отключаю ничего как в инструкции написано так и делаю?  

CollectionLog-2023.06.19-18.44.zip

Изменено пользователем Vadya
mike 1

mike 1

Опубликовано
Опубликовано

Внимание! Рекомендации написаны специально для этого пользователя. Если рекомендации написаны не для вас, не используйте их - это может повредить вашей системе.

Если у вас похожая проблема - создайте тему в разделе Уничтожение вирусов и выполните Правила оформления запроса о помощи.

 

Здравствуйте! 

 

Закройте все программы, временно выгрузите антивирус, файрволл и прочее защитное ПО.

Важно! на Windows Vista/7/8 AVZ запускайте через контекстное меню проводника от имени Администратора. Выполните скрипт в АВЗ (Файл - Выполнить скрипт):

  

begin
ExecuteWizard('TSW',2,2,true);
RebootWindows(false);
end.

 

Внимание! Будет выполнена перезагрузка компьютера

 

Пофиксите следующие строчки в HiJackThis (используйте версию из папки Автологгера)

  

O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\dwt-6860-5288-ec389fabd.sys -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\dwt-6860-5288-ec62bbeee.tmp\catfile-se.db -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\dwt-6860-5288-ec62bbeee.tmp\cathash-se.db -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\dwt-6860-5288-ec62bbeee.tmp\certs-6860-5288-ec62f49d0.tmp.db -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\dwt-6860-5748-fe07fd9a1.sys -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\fshc-6860-5288-ee5b4bbf4.tmp.db -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\033E3lkCbY -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0BU3K4D1jpNk -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0dgqmrhIrZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0iaWDcLUDlj5hB0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0iITO5j2kuebGwi.exe -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0je2PYSfq -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0lEqk6XGulaN -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\11c8MZHTbO3F -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\1MkXjmM47xtPfiz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\1o3zpg8AUz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\2eIUt395p -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\2I6Df0XGsgem -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\2VdJALo9LeqRB -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\2yQ1FdRmCn -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3EFoTJL4cqqAgm -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3eZhxxkmjdXr -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3ga88ngcYS2rL -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3GCQFqmZQ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3ILDi6DwhVUp3i -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3qQLxT7WJV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4dXbHKBCJUxNuS6 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4G7JekTZxTV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4gIWMYi8N -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4mlkvlUJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4o0kSPv5tx -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4S9fskTK3ksr -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4X9QDlEJV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5blWRurBmZxk -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5GPujW3R -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5NrQUK70r -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5oRVN4EZ3FqhmF -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5rmhcEiUN2uwZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5T1mAo8G -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\65dJtw3RE6Pi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\6CnFQ8O70R -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\6G0QfZj399yGG6J -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\6oFP4luEZWphBN -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\6v5zatdGU -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\7HRNIpGnRC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\7QQucmL89 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\7XvfKDp8kvvxPx -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\85LbfJRoG37 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8AiKyZ5agnnY8w -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8C2VEoFOEpa -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8DdbCV67XrF4N -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8F0ffg9Ntk2EK -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8I4dXf4yJZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8nbOz4SU7 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8Sc8diHg1 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\9ak0OR8dxDmSkJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\9J4wexeghMfG5 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\9MmRUPU73bwv -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\9xKyXgGAxFR7Rp -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\a3Jw0JdESNGb -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\A9pWuNec -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ABcRKndt5V -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\AdiQZWS8 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\aEwgf5ITY -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\AGgcwwRloS -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Ah02LCccmG2Xr -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\AmCN0eyz5 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\aMV0mHpt -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ApJJm6LkFJ0t1ix -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\aRph11ZV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\aWzrZXrEeZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\aXiRliUbW7iv -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\B33xJAkA9CU91Z -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\b3WcbR24uR -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ba8h6JcZ649vFa -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\BcmkE619Ks -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Bds4BDPmcY -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\BeKY16ZJ8 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\bMGKajCOM7WE6N -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\bmijpnhTeKES -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\BmxgwScxzX -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\bPLkZOC8b -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\bq3AZdK0oZFJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\BsHN7CbStT0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\bWX8Mp2XU08Z -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Bxn2s8O3j2b7nBt.key -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Bzq17G8370LwmT -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ccsdk.dll -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\CjlM9bkI -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\cJVKgR9TqJWK3R -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\CLic3YiXISrjta -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\CmFe2ln1ehc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\cMpTTpRyd6R -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\CNWIQ0jla0Holrc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\CoIT2fY5l6 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\cVFBIMgPz2zL -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\cXVG0Ck86BZinDy -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\D1h2cJqmy0K9r -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\d2B0WM6Ey -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\D5gHzRRSkGfjvu -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\dCDMDzNI9jUZer -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Dk3XK0LV53M -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\dkIHlTDwSow -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\dMakBUDDq -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\DQYtOUHfnVXt7Le -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\drwbase.db -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\DVAULSFhkKHCw.dll -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\DYGTs2T3Ci2 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\e2FgKABWjd8yUNl -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\E3XEDgtF9 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\e7ddWKfXS5 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ebd4de7d3.sys.2841f53 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ebd4de7d3.sys.2841f53.28427fd -> DELETE
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\EBue9Vk1T -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\EHgceuj14Jfh -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\en.chm -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\eP3EUeQO2tV5GEl -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\epzCup3piG -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ez1fZpeQ7UE0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\F7Lfe0oVDSszfd -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\f8NGfa1qQsxpK -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\f9Bc1lZ3u3Ph -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\FBZbC2yjRB -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ffZxhfFNp4qtZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\fjgf3oubBnZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\frhnVg7phUiOM -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\g2DAy3PJskqkBTD -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\g7AUsTTjnhKxF79 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\gbvH8qPRzK -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\gct5IMXqq6 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\GEIYoFwmM -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\GoUVd9LomP -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\gWjVnCFeNCo -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\GzGORh9ZQUfe -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\hcmO87UKHx26CH8 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HcOPfhWc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HDmTYdEhjB2 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HhEM7JH90PGfS7 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HIFCmQoju -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\hkLcHWWSns -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\hoBSV5q4f3 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HoPnIv6ciVt78G -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HPTLicQSL6KeZZc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HSHPq6UyYitn3U -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HzEAQvm4Y3P3 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\I4fjlMkpv -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\IcO4noR1xRf -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ikChaWxG5 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\IkWIarGvzo -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ilr16UJNsxdS7 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\isURO3FnCjYPc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\IwkcnOTV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\J5VztcCO -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ja.chm -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\jA67dyYPSlM -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JahuuYOktxUj -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\jBqaSMCMNtp -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JceCm74e.exe.2841f72 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JceCm74e.exe.2841f72 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\jHaaqk7G -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Jhu6vQ2rIFyHc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\jIslVkGe3c -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JN9WRwx2 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JnAWrY2aYKX3 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JpeMQu5HXtiAYIb -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\k0oCYWCjt7GN -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\KCjDeiipa -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Kh7sh9ixb8EGT2F -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\kJ023MqkZBX7Lj -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Kqj5dlsiux -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ku21WrfcnNzV63 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\kVta9bTlIQixuDi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\KwL5H5GB7ON -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\KyanRwlu -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\KYRhmW8ouk -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\L35Cl0c0nGXZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LBHCKM060 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LBIhoWlo0uFu -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\lDMrslHhg2ffjC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LFSDrEJYegtD -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\lfu2pmsrC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LgChSUvRh -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\lhrHYyfDr3UiM4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\lLp9EVm2 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LnsTGN5tJEq -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LSJd3tn5 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\M0WXPbOBC8d -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\mANp4WMiysc8LH -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\MATUaT5T3S -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\MNh62jztKPv6zs.exe -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\MqEWoZNCuDt -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\mVcDu0kax5hfV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Myu7EGnCmpRDsz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\myvhE00WoSZth -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\MzBRAx1Om1mrY -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\n4SMrig9TTKlT5O -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\NDiE4aKX -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\NgvaB35Gxx -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\nhGjVv6CA -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\nKNVJRQ0Ecim -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\NXjlYmob -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\o6qnvvSeklY7veS -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\O81N2vlsJzTfF -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oe5yTa7bY7bsgL -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oEG5Eaq1F84Cfm -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\of0hGsbp31AT -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oneaBy2meT -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oQs4LUyJ8C -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oSYQrX1412VUZnP -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Ov4TKDOHA -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oxuTCDkOGGj8L8 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\P6ccda7a8xTF5Ic -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\pHLJ8J42gC7j -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\PJvVnJPQGIisnG4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\PPHMobY4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\PTjW87XS4Yl -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\pZ8aB9FhWSEO -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\qEYhrM0vd -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\qgCbt2hf -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\QILyqMxgckx6gi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\QiYryZdInAsjat -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\qME6QyMXC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\QpnNoRZ23X8lF -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\QXhGRcI4u -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\qXR7dEG7lc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\QYcUErzKSp0MKaz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\R6qSZEGNFyLV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\rBqyfjNaDvJ8oA1 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\rD2FPdjrTLDlFtu -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\REAyfgjXkRMGE -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\rf0yGuaufFXNd -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Rf4ShcNcYYS -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\rGnRi7SmC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\RJ5xGPKaDBr7s -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\RKp8RYOjd55PAdT -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\RMfQAzW6p3X -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\RpmTmI62u -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\RTluN006N0L -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ru.chm -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\s4eMgzkZ1o2Ce -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\sgOBhw30H6wYarJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\sTv03BXwL -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\sVO5eeCB3SVAv -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\SvRE2KNt0t -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\T73jyQYA -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\tc26R3rOxz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\tcEBzs4O9lLeo -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\tCLKoZZi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\te2BoKfQ1RxRzn -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\thS3Cpa2I1tqUlp -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\TrNdZjrV0kuW -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\UayVOxrwGOn -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\uGA29yi5YvRHHF -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\UiZMYrsoBgMLK5Z -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ULg1LsshSsxEmm3 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\UmTDgaStJrYc2 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Uq0BfXING40hI -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\uRR82tlZt3U -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\UV5OcDMPP -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\uYvY1Z3mfT -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\V5CVRTynaJw5x -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vFPZeruCrFqf5k0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vgzQJfF4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\VKJdQVDBrd -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Vlf2ih6u5ee0Xu.exe -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\VMZknVUjHR08I4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vnLN5bqNQVhl6 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vQ8324sYpg -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vQogStzrvcjwt -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vqVhXVZrw4VmJM -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vRzW0dW6aPra.dll.2841fd0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vRzW0dW6aPra.dll.2841fd0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vT25cBGvE -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vwTyBpWnf8OlL4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\wD5lfCsWkLz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\wevpRZ4JxhC3M -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Whtbvrre -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\WuW1Ajd0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\WW1g7Dmv6y73 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\wXwDEIUx -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\x8DtBG1YgM -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\x9VpcM6h -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\xG2uPx7833Gs -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\xjSHhZp5w4Avaj -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\xR6D51VIqV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\xv9RH9xPnSIsU -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\xYXEZoV3MrhOeC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Y1YnojCKKfShSAQ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Y4MiU8PF3dt -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Y6PSNZB0IrKe75C -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\YcykB7QV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\yfFzawuKXYrUQ1B -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ygruxYt454djBMi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Yiaenj3iotf8J7A -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Yku0ufJ2KS -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\YlkTzeoBAKqZ6O -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\YNFIhZ2s4kN -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ynXG37Sq -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\YOiX7T0Fg -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\YuXma6wYz01c5mJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\yxutNBlO -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\z3TQGvRgs5M -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\z8sMbFVkZ2n -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\zAUZshLRP7jmEJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZAyJbJbhUJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\zCFsmnfD1A4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ze8tnf7Qk7HuNi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZfxK38cf4xXJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZHZVfOmxk -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZIijTUOR -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZJBlQkxwBEK5EW -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ztSFwmd3A.dll -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZVJzDc5ZKxrwbi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZVxebVQOmjD0T6 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZWvt7mJu -> DELETE (file missing)

 

Сделайте новые логи Автологгером. 

Vadya

Vadya

Опубликовано
  • Автор
Опубликовано
52 минуты назад, mike 1 сказал:

Выполните скрипт в АВЗ (Файл - Выполнить скрипт):

сделано.

53 минуты назад, mike 1 сказал:

Пофиксите следующие строчки в HiJackThis

в этом вопросе мы с вами по кругу ходим еще прошлый раз я писал, что HiJackThis ни одной строчки из вашего сообщения не находит как их фиксить если он их не видит? 

джек.jpg

mike 1

mike 1

Опубликовано
Опубликовано

Если нет, то пропускайте этот шаг. На момент сбора логов они были. 

  • 4 недели спустя...
mike 1

mike 1

Опубликовано
Опубликовано

Мы были рады Вам помочь! Надеемся, что Вы остались довольны результатом. На нашем форуме также можно получить компьютерную помощь, помощь по продуктам "Лаборатории Касперкого", обсудить технологии и технику, заказать эксклюзивную сувенирную продукцию "Лаборатории Касперского" бесплатно! Форумчане ежегодно путешествуют. В числе приглашенных в ТурциюАрмениюСочиКамбоджу можете стать и Вы! Будем рады видеть Вас в наших рядах! Всегда ваш, клуб "Лаборатории Касперского".

Гость
Эта тема закрыта для публикации ответов.
 Поделиться
Перейти к списку тем

  • Похожий контент

    • Beshan
      После kms auto появляется самовосстанавливающаяся папка с trojan (czyuzabpfprl и ztbhbqffszlu)
      Автор Beshan
      Добрый день, пытался активировать виндовс через kms auto, после чего начали появляться самовосстанавливающиеся папки с файлом внутри, которые антивирус бесконечно теперь удаляет. Прикрепляю логи с Farbar Recovery Scan Tool. Спасибо
      Addition.zip FRST.zip
    • bl1nchik2287
      Вирус после kms-auto
      Автор bl1nchik2287
      Вирус в папке ProgramData, создает папку ztbhbqffszlu. После удаления восстанавливается. Началось после активации офис через KMS Auto. Видел похожую тему, потому прилагаю результаты скана frst64. Пожалуйста, помогите.
      FRST.txt Addition.txt
    • admin123
      Проводник грузит процессор постоянно на 50 %
      Автор admin123
      1. Проверял через Dr.Web cureit - Ничего не найдено, пишет, что чисто
      2. Вчера захожу в диспетчер задач, а тут проводник грузит ЦП на  50 % постоянно, открываю Threads в Proccec Explorer, там какая то dll.
      Ещё заметил одну особенность, при отключение интернета эта нагрузка пропадает, подскажите что делать, винду не хочу переустанавливать.

      CollectionLog-2026.01.12-00.34.zip
    • Two2Face
      [РЕШЕНО] Подозрительный проводник в диспетчере задач и возможно нагруженная память
      Автор Two2Face
      Добрый день. Сегодня залез в диспетчер задач, а там я заметил, что один из процессоров нагружает 18% ЦП. Это - 'Проводник'. После я решил посмотреть в программе Process Explorer, там наш проводник уже высвечивается, как - 'explorer.exe', без иконки (внизу бегают разные explorer.exe, которые высвечиваются с иконками в виде жёлтой папки, как в диспетчере задач, а этот без иконки и под 18%, но возможно здесь я чего-то не понимаю). Ещё память нагружена под 29, но у меня открыт гугл (много вкладок), Дискорд, ВПН и протокол, поэтому не могу быть полностью уверен в том, что в этом пункте тоже вирус (не знаю, нужно ли это здесь, но 5090 и 9950x3d). Кстати, когда я пытаюсь завершить проводник в диспетчере задач, то у меня комп постоянно уходит в перезагрузку (хотел закрыть процесс, что бы потом запустить новую задачу, вдруг завис). 


      CollectionLog-2026.01.11-07.51.zip
    • Николай PO
      Производительность ноутбука на windows 11, не устанавливаются определенные антивирусы (malwarebytes и другие)
      Автор Николай PO
      Добрый день! Помогите пожалуйста. Производительность ноутбука на windows 11, не устанавливаются определенные антивирусы (malwarebytes и другие).
      Данная проблема на двух ноутбуках:
      1.появились мелкие подлагивания в играх иногда в других программах;
      2.не устанавливается антивирус malwarebytes, при установки других антивирусов и запуске проверки появляется синий экран;
      3.инструмент smartfix не устанавливается полностью;
      4. переустановка операционной системы не помогла;
      5.установка на другой ssd не помогла;
      6. переустановка биос не помогла.
      Прикрепляю результаты сканирования в Farbar Recovery Scan ToolAddition.txtFRST.txt
×
×
  • Создать...