�� esetnod32.ru [��: �� MICROSOFTHOST.EXE]

�� MICROSOFTHOST.EXE

Wed, 26 Jul 2023 18:09:56 +0300

�� MICROSOFTHOST.EXE � �� .
��, ��!
26.07.2023 18:09:56, �� .

�� MICROSOFTHOST.EXE

Wed, 26 Jul 2023 17:22:22 +0300

�� MICROSOFTHOST.EXE � �� .
�� .
26.07.2023 17:22:22, RP55 RP55.

�� MICROSOFTHOST.EXE

Wed, 26 Jul 2023 16:59:27 +0300

�� MICROSOFTHOST.EXE � �� .
�� .
�� .
Fixlog.txt
26.07.2023 16:59:27, �� .

�� MICROSOFTHOST.EXE

Tue, 25 Jul 2023 17:13:35 +0300

�� MICROSOFTHOST.EXE � �� .
�� FRST �� ?
�� FRST64.exe ��
HKU\S-1-5-21-1916598936-791089732-1834284805-1001\...\Policies\Explorer\DisallowRun: [16] FRST64.exe
------------

�� fixlist.txt � ��, �� FRST.exe
(�� FRST)
��, �� FRST.exe ��
��, �� (�� ) ��
�� "��"
��
��, �� , ��, ��, �� FixLog.txt �� FRST
fixlist.txt
25.07.2023 17:13:35, santy.

�� MICROSOFTHOST.EXE

Tue, 25 Jul 2023 14:03:10 +0300

�� MICROSOFTHOST.EXE � �� .
�� uvs, �� .
�� ADWCleaner � FRST. �� . �� FRST.exe �� ("�� -�� , �� . �� "). �� .
�� !
FRST.txt
AdwCleaner[S00].txt
Addition1.txt
25.07.2023 14:03:10, �� .

�� MICROSOFTHOST.EXE

Mon, 24 Jul 2023 23:54:10 +0300

�� MICROSOFTHOST.EXE � �� .
�� - � �� .
uVS: start.exe, �� , ��, �� - �� .
�� , �� !
�� : �� !

====code====

;uVS v4.14.1 [http://dsrt.dyndns.org:8888]
;Target OS: NTv11.0
v400c
OFFSGNSAVE
regt 1
regt 2
regt 14
regt 25
zoo %SystemDrive%\PROGRAMDATA\MICROSOFT\KKTXC\SCRIPT.BAT
deltmp
czoo
restart
;---------command-block---------
delref HTTPS://CLIENTS2.GOOGLE.COM/SERVICE/UPDATE2/CRX?RESPONSE=REDIRECT&PRODVERSION=38.0&X=ID%3DMJBEPBHONBOJPOAENHCKJOCCHGFIAOFO%26INSTALLSOURCE%3DONDEMAND%26UC
delall %SystemDrive%\PROGRAMDATA\MICROSOFT\KKTXC\SCRIPT.BAT
delall %SystemDrive%\PROGRAMDATA\REAITEKHD\TASKHOST.EXE
delall %SystemDrive%\PROGRAMDATA\REAITEKHD\TASKHOSTW.EXE
delall %SystemDrive%\PROGRAMDATA\WINDOWSTASK\AUDIODG.EXE
delall %SystemDrive%\PROGRAMDATA\WINDOWSTASK\MICROSOFTHOST.EXE
delref %SystemRoot%\SYSWOW64\DRIVERSTORE\FILEREPOSITORY\LMS.INF_AMD64_FDDB643595E0B8D0\LMS.EXE
delref {E984D939-0E00-4DD9-AC3A-7ACA04745521}\[CLSID]
delref %Sys32%\MBAEPARSERTASK.EXE
delref %SystemRoot%\SYSWOW64\DRIVERS\NTFS.SYS
delref %SystemRoot%\SYSWOW64\DRIVERS\STORPORT.SYS
delref %SystemRoot%\MICROSOFT.NET\FRAMEWORK\V2.0.50727\MSCORSEC.DLL
delref {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\[CLSID]
delref {166B1BCA-3F9C-11CF-8075-444553540000}\[CLSID]
delref {233C1507-6A77-46A4-9443-F871F945D258}\[CLSID]
delref {4063BE15-3B08-470D-A0D5-B37161CFFD69}\[CLSID]
delref {88D969C0-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C1-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C2-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C3-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C4-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C5-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {8AD9C840-044E-11D1-B3E9-00805F499D93}\[CLSID]
delref {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}\[CLSID]
delref {D27CDB6E-AE6D-11CF-96B8-444553540000}\[CLSID]
delref {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}\[CLSID]
delref {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48}\[CLSID]
delref {E6FB5E20-DE35-11CF-9C87-00AA005127ED}\[CLSID]
delref %SystemRoot%\MICROSOFT.NET\FRAMEWORK64\V2.0.50727\MSCORSEC.DLL
delref {C885AA15-1764-4293-B82A-0586ADD46B35}\[CLSID]
delref %Sys32%\MSPAINT.EXE
delref %Sys32%\DRIVERS\SYNTH3DVSC.SYS
delref %Sys32%\IDLISTEN.DLL
delref %Sys32%\WINJSON.DLL
delref %Sys32%\SETTINGSYNC.DLL
delref %Sys32%\PACKAGESTATEROAMING.DLL
delref %Sys32%\DRIVERS\IALPSS2_GPIO2_CNL.SYS
delref %Sys32%\CELLULARAPI.DLL
delref %Sys32%\NETWORKSTATUS.DLL
delref %Sys32%\DRIVERS\RFXVMT.SYS
delref %Sys32%\SETTINGSYNCCORE.DLL
delref %SystemRoot%\UUS\%PROCESSOR_ARCHITECTURE%\WUAUENGCORE.DLL
delref %Sys32%\PERFCTRS.DLL
delref %Sys32%\NETCELLCORECELLMANAGERPROVIDERRESOURCES.DLL
delref %Sys32%\AZURESETTINGSYNCPROVIDER.DLL
delref %Sys32%\LISTSVC.DLL
delref %Sys32%\DRIVERS\WCNFS.SYS
delref %Sys32%\PERFTRACK.DLL
delref %Sys32%\DRIVERS\IALPSS2_I2C_CNL.SYS
delref %Sys32%\PROVSVC.DLL
delref %Sys32%\ONEDRIVESETTINGSYNCPROVIDER.DLL
delref APPMGMT\[SERVICE]
delref HELPSVC\[SERVICE]
delref SACSVR\[SERVICE]
delref SWPRV\[SERVICE]
delref TBS\[SERVICE]
delref VMMS\[SERVICE]
delref MESSENGER\[SERVICE]
delref RDSESSMGR\[SERVICE]
delref %Sys32%\DRIVERS\PARTIZAN.SYS
delref %Sys32%\DRIVERS\WINSETUPMON.SYS
delref IRENUM\[SERVICE]
delref D:\GAMES\THE WALKING DEAD - A NEW FRONTIER\WALKINGDEAD3.EXE
delref SERVICE\WINSERV.EXE
delall %SystemDrive%\PROGRAMDATA\WINDOWS TASKS SERVICE\WINSERV.EXE
apply

=============

+
�� (�� )
2) �� AdwCleaner
http://forum.esetnod32.ru/forum9/topic7084/

�� :
�� Mail.Ru � Yandex �� ( �� )
�� :
"��... �� > �� " �� Mail.Ru � Yandex �� [V]

�� AdwCleaner �� \��, ��
� ��.

3) �� FRST: http://forum.esetnod32.ru/forum9/topic2798/
�� : Addition.txt � FRST.txt
24.07.2023 23:54:10, RP55 RP55.

�� MICROSOFTHOST.EXE

Mon, 24 Jul 2023 21:23:15 +0300

�� MICROSOFTHOST.EXE � �� .
��
DESKTOP-5OSAU3H_2023-07-24_22-05-53_v4.14.1.7z
24.07.2023 21:23:15, �� .

�� MICROSOFTHOST.EXE

Mon, 24 Jul 2023 20:15:52 +0300

�� MICROSOFTHOST.EXE � �� .
�� uVS
http://forum.esetnod32.ru/forum9/topic2687/
24.07.2023 20:15:52, RP55 RP55.

�� MICROSOFTHOST.EXE

Mon, 24 Jul 2023 18:06:18 +0300

�� MICROSOFTHOST.EXE � �� .
��. �� , �� , �� MICROSOFTHOST.EXE, AUDIODG.EXE, TASKHOST.EXE.
�� , �� - �� . �� UnHackMe �� , �� .
��, ��! �, ��, ��, �� -��(
24.07.2023 18:06:18, �� .

����� esetnod32.ru [����: ����� MICROSOFTHOST.EXE]

����� MICROSOFTHOST.EXE

����� MICROSOFTHOST.EXE

����� MICROSOFTHOST.EXE

����� MICROSOFTHOST.EXE

����� MICROSOFTHOST.EXE

����� MICROSOFTHOST.EXE

����� MICROSOFTHOST.EXE

����� MICROSOFTHOST.EXE

����� MICROSOFTHOST.EXE

�� esetnod32.ru [��: �� MICROSOFTHOST.EXE]

�� MICROSOFTHOST.EXE

�� MICROSOFTHOST.EXE

�� MICROSOFTHOST.EXE

�� MICROSOFTHOST.EXE

�� MICROSOFTHOST.EXE

�� MICROSOFTHOST.EXE

�� MICROSOFTHOST.EXE

�� MICROSOFTHOST.EXE

�� MICROSOFTHOST.EXE