�� esetnod32.ru [��: �� Win32/SpyVoltar.A]

�� Win32/SpyVoltar.A

Sat, 05 May 2012 16:58:08 +0400

�� Win32/SpyVoltar.A �� = C:\Documents and Settings\user\Application Data\netprotocol.exe - �� Win32/SpyVoltar.A �� - �� .
��. ��!
05.05.2012 16:58:08, dmitry_spb.

�� Win32/SpyVoltar.A

Sat, 05 May 2012 16:54:14 +0400

�� Win32/SpyVoltar.A �� = C:\Documents and Settings\user\Application Data\netprotocol.exe - �� Win32/SpyVoltar.A �� - �� .
�� . �� - ��
05.05.2012 16:54:14, ��.

�� Win32/SpyVoltar.A

Sat, 05 May 2012 16:53:16 +0400

�� Win32/SpyVoltar.A �� = C:\Documents and Settings\user\Application Data\netprotocol.exe - �� Win32/SpyVoltar.A �� - �� .
�� , ��! �� Mbam ��...
� �� , � �� Mbam?
mbam-log-2012-05-05 (16-49-03).txt
05.05.2012 16:53:16, dmitry_spb.

�� Win32/SpyVoltar.A

Sat, 05 May 2012 13:12:25 +0400

�� Win32/SpyVoltar.A �� = C:\Documents and Settings\user\Application Data\netprotocol.exe - �� Win32/SpyVoltar.A �� - �� .
��!

�� �� uVS:
- �� , �� (�� . �� );
- �� "��" � �� (�� , �� );
====code====

;;uVS v3.75 BETA1 script [http://dsrt.dyndns.org]
;Target OS: NTv5.1

delref HTTP://WEBALTA.RU
delref HTTP://WWW.MAIL.RU/CNT/5087
zoo %SystemDrive%\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\NETPROTOCOL.EXE
bl C4EA0873E232678165E11D9F5A8B9FBA 120871
delall %SystemDrive%\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\NETPROTOCOL.EXE
zoo %SystemDrive%\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\ABLEBOOK\DISKCONTROL.EXE
bl ADDF043A7699C50841471529AC1A83DE 24576
delall %SystemDrive%\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\ABLEBOOK\DISKCONTROL.EXE
bl 8FF11370FB799E6BC29C52E238A67356 1460040
delall %SystemDrive%\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\APPLICATION DATA\YANDEX\UPDATER\PRAETORIAN.EXE
zoo %Sys32%\YFYFFKH.DLL
delref %Sys32%\YFYFFKH.DLL
exec "C:\PROGRAM FILES\MAIL.RU\GUARD\GUARDMAILRU.EXE" /UNINSTALL
deltmp
delnfr
czoo
restart

=============
- �� �� - �� ;
- �� . �� , �� ;
- ��  �� (Opera, Mozilla, IE), �� (�� - �� .�.) � �� uVS �� ��;
- �� . �� , �� �� ;
- �� ;
- � ��, �� (uVS), �� - �� 2012-03-09_09-29-00.7z - �� , �� sendvirus2011@gmail.com.
- �� Mbam �� (�� , � �� ). �� . �� .
05.05.2012 13:12:25, ��.

�� Win32/SpyVoltar.A

Sat, 05 May 2012 11:07:56 +0400

�� Win32/SpyVoltar.A �� = C:\Documents and Settings\user\Application Data\netprotocol.exe - �� Win32/SpyVoltar.A �� - �� .
��!
��, ��, �� Win32/SpyVoltar.A.
�� : http://rghost.ru/37920699
05.05.2012 11:07:56, dmitry_spb.

����� esetnod32.ru [����: ���������������� Win32/SpyVoltar.A]

���������������� Win32/SpyVoltar.A

���������������� Win32/SpyVoltar.A

���������������� Win32/SpyVoltar.A

���������������� Win32/SpyVoltar.A

���������������� Win32/SpyVoltar.A

�� esetnod32.ru [��: �� Win32/SpyVoltar.A]

�� Win32/SpyVoltar.A

�� Win32/SpyVoltar.A

�� Win32/SpyVoltar.A

�� Win32/SpyVoltar.A

�� Win32/SpyVoltar.A