��/�� - audiodg.exe

Thu, 03 Nov 2022 14:43:40 +0300

��/�� - audiodg.exe �� . � �� .
Dr.Web Cureit - �� ... ( �� )

1) �� - � �� .
uVS: start.exe, �� , ��, �� - �� .
�� , �� !
�� : �� !

====code====

;uVS v4.12.1 [http://dsrt.dyndns.org:8888]
;Target OS: NTv6.1
v400c
OFFSGNSAVE
bl 911A11639A40D412466AC9BFCA7C1EA1 36966416
bl FB480C32023D05D54F48C3782B28026C 42979856
bl 3F4F5A6CB95047FEA6102BD7D2226AA9 10675712
bl A1DE0A95069F24641D1E9630D37FB0BB 5543952
bl 1EE4321C311D7E58208C61630FA3F278 5430272
deltmp
regt 1
regt 2
regt 13
regt 14
regt 25
regt 27
regt 38
;---------command-block---------
delall %SystemDrive%\PROGRAMDATA\REAITEKHD\TASKHOST.EXE
delall %SystemDrive%\PROGRAMDATA\REAITEKHD\TASKHOSTW.EXE
delall %SystemDrive%\PROGRAMDATA\WINDOWS TASKS SERVICE\WINSERV.EXE
delall %SystemDrive%\PROGRAMDATA\WINDOWSTASK\AUDIODG.EXE
delall %SystemDrive%\PROGRAMDATA\WINDOWSTASK\MICROSOFTHOST.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\YANDEX\YANDEXBROWSER\22.9.1.1095\SERVICE_UPDATE.EXE
delref {23E5D772-327A-42F5-BDEE-C65C6796BB2A}\[CLSID]
delref {177AFECE-9599-46CF-90D7-68EC9EEB27B4}\[CLSID]
delref {CEF51277-5358-477B-858C-4E14F0C80BF7}\[CLSID]
delref {59116E30-02BD-4B84-BA1E-5D77E809B1A2}\[CLSID]
delref D:\PROGRAM FILES\WINDOWS DEFENDER\MPCMDRUN.EXE
delref %SystemDrive%\PROGRAMDATA\POLYMER-PRISON\BIN.EXE
delref %SystemRoot%\SYSWOW64\PEERDISTSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\NDIS.SYS
delref %SystemRoot%\SYSWOW64\RDPCORETS.DLL
delref %SystemRoot%\SYSWOW64\UMPO.DLL
delref %SystemRoot%\SYSWOW64\IPHLPSVC.DLL
delref %SystemRoot%\SYSWOW64\CSCSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\RDVGKMD.SYS
delref %SystemRoot%\SYSWOW64\PNRPSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\PACER.SYS
delref %SystemRoot%\SYSWOW64\LSM.EXE
delref {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\[CLSID]
delref {166B1BCA-3F9C-11CF-8075-444553540000}\[CLSID]
delref {233C1507-6A77-46A4-9443-F871F945D258}\[CLSID]
delref {4063BE15-3B08-470D-A0D5-B37161CFFD69}\[CLSID]
delref {88D969C0-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C1-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C2-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C3-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C4-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {88D969C5-F192-11D4-A65F-0040963251E5}\[CLSID]
delref {CA8A9780-280D-11CF-A24D-444553540000}\[CLSID]
delref {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}\[CLSID]
delref {D27CDB6E-AE6D-11CF-96B8-444553540000}\[CLSID]
delref %SystemRoot%\SYSWOW64\WIN32K.SYS
delref %SystemRoot%\SYSWOW64\BLANK.HTM
delref {E6FB5E20-DE35-11CF-9C87-00AA005127ED}\[CLSID]
delref %Sys32%\DRIVERS\RDVGKMD.SYS
delref %Sys32%\DRIVERS\TPM.SYS
delref %Sys32%\MSSPELLCHECKINGFACILITY.DLL
delref %Sys32%\BLANK.HTM
delref HELPSVC\[SERVICE]
delref SACSVR\[SERVICE]
delref SWPRV\[SERVICE]
delref TBS\[SERVICE]
delref VMMS\[SERVICE]
delref MESSENGER\[SERVICE]
delref RDSESSMGR\[SERVICE]
delref %Sys32%\PSXSS.EXE
delref %Sys32%\SHAREMEDIACPL.CPL
delref %SystemDrive%\PROGRAM FILES (X86)\INNOVA\4GAME2.0\4GAME.EXE
delref %SystemDrive%\PROGRAMDATA\POLYMER-PRISON\UNINS000.EXE
apply

restart

=============

+
2) �� (�� ) �� Malwarebytes
http://forum.esetnod32.ru/forum9/topic10688/

�� : �� .
�� ( � �� ).
�� .txt ( �� )

�� Malwarebytes �� - �� uVS
03.11.2022 14:43:40, RP55 RP55.

��/�� - audiodg.exe

Thu, 03 Nov 2022 13:40:17 +0300

��/�� - audiodg.exe �� . � �� .
UVS-Latest ��.
�� .
AVbr �� .

�� Dr.Web Cureit(�� )
��-��_2022-11-03_20-27-35_v4.12.1.7z
03.11.2022 13:40:17, Seva Fatxullin.

����� esetnod32.ru [����: ������/����� - audiodg.exe]

������/����� - audiodg.exe

������/����� - audiodg.exe

�� esetnod32.ru [��: ��/�� - audiodg.exe]

��/�� - audiodg.exe

��/�� - audiodg.exe