Win32/Spy.Shiz.NCE

Wed, 10 Oct 2012 12:07:03 +0400

Win32/Spy.Shiz.NCE � �� .
�� uVS:
- �� ;
- �� uVS(start.exe), �� : �� , �� - �� - �� ;
- �� ;
====code====

;uVS v3.76 script [http://dsrt.dyndns.org]
;Target OS: NTv5.1
OFFSGNSAVE
zoo %Sys32%\CPLDAPU\BLUESCREENVIEW.EXE
addsgn 925277AA146AC1CC0B34504E334BDFFACE9A6C66196A8FE80FC583345791709756104849BDBB6158F0F26927471649FA7C049D75DEC433C2D1667F3E0707F900 8 SpyEye
addsgn 1A018465AAE94932668DAED7E7CDD89C7C8AE8778CA250218521C896505574B6524EC359BF500FF872800B495816C4856AF6D5BDC883B01D10961376C7C7E566 8 Shiz.1010
zoo %SystemRoot%\APPPATCH\YYQHCI.EXE
hide %Sys32%\CPLDAPU\BLUESCREENVIEW.EXE
delall %SystemRoot%\APPPATCH\YYQHCI.EXE
chklst
delvir
delref HTTP://WWW.APEHA.RU
delall WWW.APEHA.RU
deltmp
delnfr
REGT 12
regt 14
exec "C:\PROGRAM FILES\MAIL.RU\GUARD\GUARDMAILRU.EXE" /UNINSTALL
exec C:\PROGRAM FILES\TICNO\MULTIBAR\UNINSTALL.EXE
restart

=============
��, �� .
�� uVS (�� : ZOO_2012-12-31_23-59-59.rar/7z) �� sendvirus2011@gmail.com, support@esetnod32.ru
------------
��,
��
http://forum.esetnod32.ru/forum9/topic682/
10.10.2012 12:07:03, santy.

Win32/Spy.Shiz.NCE

Wed, 10 Oct 2012 11:47:15 +0400

Win32/Spy.Shiz.NCE � �� .
��!
��, ��, �� .
��:
�� , �� = explorer.exe �� Win32/Spy.Shiz.NCE ��

��

�� !
MYCOMP_2012-10-10_14-36-53.rar
10.10.2012 11:47:15, barr.

����� esetnod32.ru [����: Win32/Spy.Shiz.NCE]

Win32/Spy.Shiz.NCE

Win32/Spy.Shiz.NCE

�� esetnod32.ru [��: Win32/Spy.Shiz.NCE]