�� MICROSOFTHOST.EXE

Mon, 22 Nov 2021 23:58:11 +0300

�� MICROSOFTHOST.EXE � �� .
��.
�� - ��, �� .
�� :)
22.11.2021 23:58:11, RP55 RP55.

�� MICROSOFTHOST.EXE

Mon, 22 Nov 2021 23:53:05 +0300

�� MICROSOFTHOST.EXE � �� .
fixlog
Fixlog.txt
22.11.2021 23:53:05, �� .

�� MICROSOFTHOST.EXE

Mon, 22 Nov 2021 23:25:35 +0300

�� MICROSOFTHOST.EXE � �� .
�� : fixlist.txt � �� Farbar Recovery Scan Tool:

�� FRST � �� Fix � ��.

�� FRST �� -�� (Fixlog.txt). ��, �� !
fixlist.txt
22.11.2021 23:25:35, RP55 RP55.

�� MICROSOFTHOST.EXE

Mon, 22 Nov 2021 23:05:13 +0300

�� MICROSOFTHOST.EXE � �� .
�� FRST.
�� , ��
FRST.txt
Addition.txt
22.11.2021 23:05:13, �� .

�� MICROSOFTHOST.EXE

Mon, 22 Nov 2021 22:46:07 +0300

�� MICROSOFTHOST.EXE � �� .
�� - � �� .
uVS: start.exe, �� , ��, �� - �� .
�� , �� !
�� : �� !

====code====

;uVS v4.11.12 [http://dsrt.dyndns.org:8888]
;Target OS: NTv6.3
v400c
OFFSGNSAVE
bl 8141854568E95ADB63A62B8D2547951D 1394176
bl 63D21E68818E4B91298EB9656C364114 4785152
regt 25
regt 27
deltmp
restart
;---------command-block---------
delref HTTP://ASK-TB.COM/?TPID=ALS-RG&O=Y10012&PF=V7&TRGB=ALL&P2=%5EBD2%5EYYYYYY%5EYY%5ERU&GCT=HP&APN_PTNRS=%5EBD2&APN_DTID=%5EYYYYYY%5EYY%5ERU&APN_DBR=CR_33.0.1750.154&APN_UID=0C59CECA-8C91-47E0-9A68-DDD30F2FDBB2&ITBV=12.10.0.3795&DOI=2014-03-31&PSV=
delref HTTP://DOCS.ORACLE.COM/JAVASE/7/DOCS
delref HTTP://ISEARCH.AVG.COM/?CID={325CF7F6-3D4F-4600-9C25-C657241E7361}&MID=80919630F2DE47D39712D1530B9087B3-915F495F778E4BAF8D6AD21F4AE7A165CEE7B470&LANG=RU/BROWSER=ALL&DS=IS015&PR=SA&D=2013-05-14 21:23:15&V=15.2.0.5&PID=AVG&SG=&SAP=HP
delref HTTP://MAIL.RU/CNT/7993/
delref HTTP://RU.WIKIPEDIA.ORG/W/INDEX.PHP?TITLE=%D0%A1%D0%BB%D1%83%D0%B6%D0%B5%D0%B1%D0%BD%D0%B0%D1%8F:SEARCH&SEARCH={SEARCHTERMS}
delref HTTP://WEBSEARCH.SIMPLESPEEDY.INFO/
delref HTTP://WWW.BING.COM/SEARCH?Q={SEARCHTERMS}&SRC=IE-SEARCHBOX&FORM=IESR02
delref HTTP://WWW.YANDEX.RU/?CLID=1806158
delref HTTP://YANDEX.RU/YANDSEARCH?TEXT={SEARCHTERMS}&FROM=OS
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DIMHLIANHLHDICJCHLBMBFAEFHHJENCBE%26INSTALLSOURCE%3DONDEMAND%26UC
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DLMJEGMLICAMNIMMFHCMPKCLMIGMMCBEH%26INSTALLSOURCE%3DONDEMAND%26UC
delall %SystemDrive%\PROGRAMDATA\REALTEKHD\TASKHOST.EXE
delall %SystemDrive%\PROGRAMDATA\WINDOWSTASK\AMD.EXE
delall %SystemDrive%\PROGRAMDATA\WINDOWSTASK\APPMODULE.EXE
delall %SystemDrive%\PROGRAMDATA\WINDOWSTASK\MICROSOFTHOST.EXE
delref HTTPS://8GADGETPACK.NET/
delref A9A33436-678B-4C9C-A211-7CC38785E79D\[CLSID]
delref 752073A1-23F2-4396-85F0-8FDB879ED0ED\[CLSID]
delref %SystemRoot%\SYSWOW64\COMPMGMTLAUNCHER.EXE
delref %SystemRoot%\SYSWOW64\GPSVC.DLL
delref %SystemRoot%\SYSWOW64\PEERDISTSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\MRXSMB.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\NDIS.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\USBXHCI.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\SRV2.SYS
delref %SystemRoot%\SYSWOW64\RDPCORETS.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\HTTP.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\TCPIP.SYS
delref %SystemRoot%\SYSWOW64\UMPOEXT.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\DMVSC.SYS
delref %SystemRoot%\SYSWOW64\IPHLPSVC.DLL
delref %SystemRoot%\SYSWOW64\CSCSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\SPACEPORT.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\FVEVOL.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\AFD.SYS
delref %SystemRoot%\SYSWOW64\PNRPSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\PACER.SYS
delref %SystemRoot%\SYSWOW64\LSM.DLL
delref {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\[CLSID]
delref {166B1BCA-3F9C-11CF-8075-444553540000}\[CLSID]
delref {19916E01-B44E-4E31-94A4-4696DF46157B}\[CLSID]
delref {233C1507-6A77-46A4-9443-F871F945D258}\[CLSID]
delref {4063BE15-3B08-470D-A0D5-B37161CFFD69}\[CLSID]
delref {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}\[CLSID]
delref {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}\[CLSID]
delref {E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16}\[CLSID]
delref %SystemRoot%\SYSWOW64\BLANK.HTM
delref {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48}\[CLSID]
delref {E6FB5E20-DE35-11CF-9C87-00AA005127ED}\[CLSID]
delref %Sys32%\BLANK.HTM
delref HELPSVC\[SERVICE]
delref SACSVR\[SERVICE]
delref SWPRV\[SERVICE]
delref TBS\[SERVICE]
delref VMMS\[SERVICE]
delref MESSENGER\[SERVICE]
delref RDSESSMGR\[SERVICE]
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.82\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.92\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.72\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.102\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\DAO\DAO360.DLL
delref %SystemRoot%\SYSWOW64\TAPILUA.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.82\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\AEPROAM.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.92\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.72\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\RSTRUI.EXE
delref %SystemRoot%\SYSWOW64\LISTSVC.DLL
delref %SystemRoot%\SYSWOW64\WBEM\NLMCIM.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.36.102\PSMACHINE.DLL
delref %SystemRoot%\SYSWOW64\WPCCPL.DLL
delref %SystemRoot%\SYSWOW64\IDLISTEN.DLL
delref %SystemDrive%\PROGRAM FILES\COMMON FILES\SYSTEM\OLE DB\MSDAORA.DLL
delref F:\BELOFF.EXE
delref G:\START.EXE
apply

=============

+

2) �� AdwCleaner ( �� 3 )
http://forum.esetnod32.ru/forum9/topic7084/

�� :
�� Mail.Ru � Yandex �� ( �� )
�� :
�� (Folders) �� Mail.Ru � Yandex �� [V]

�� AdwCleaner �� (Clean), ��
� ��

3) �� FRST: http://forum.esetnod32.ru/forum9/topic2798/

�� FRST ( �� : FRST � Addition )
22.11.2021 22:46:07, RP55 RP55.

�� MICROSOFTHOST.EXE

Mon, 22 Nov 2021 22:15:00 +0300

�� MICROSOFTHOST.EXE � �� .
��
HPAL_2021-11-22_22-10-17_v4.11.10.7z
22.11.2021 22:15:00, �� .

�� MICROSOFTHOST.EXE

Mon, 22 Nov 2021 22:08:00 +0300

�� MICROSOFTHOST.EXE � �� .
�� uVS
http://forum.esetnod32.ru/forum9/topic2687/
22.11.2021 22:08:00, RP55 RP55.

�� MICROSOFTHOST.EXE

Mon, 22 Nov 2021 22:01:05 +0300

�� MICROSOFTHOST.EXE � �� .
�� URL ��. �� "C:\ProgramData\RealtekHD\taskhost.exe" � "C:\ProgramData\WindowsTask\audiodg.exe"
�� , ��
�� , ��
�� 1.txt
22.11.2021 22:01:05, �� .

����� esetnod32.ru [����: ������ MICROSOFTHOST.EXE]

������ MICROSOFTHOST.EXE

������ MICROSOFTHOST.EXE

������ MICROSOFTHOST.EXE

������ MICROSOFTHOST.EXE

������ MICROSOFTHOST.EXE

������ MICROSOFTHOST.EXE

������ MICROSOFTHOST.EXE

������ MICROSOFTHOST.EXE

�� esetnod32.ru [��: �� MICROSOFTHOST.EXE]

�� MICROSOFTHOST.EXE

�� MICROSOFTHOST.EXE

�� MICROSOFTHOST.EXE

�� MICROSOFTHOST.EXE

�� MICROSOFTHOST.EXE

�� MICROSOFTHOST.EXE

�� MICROSOFTHOST.EXE

�� MICROSOFTHOST.EXE