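Technical Information
Note: the section headings of the original report are not present on this page, and many paths are listed more than once. The repeated blocks presumably belong to different report sections, so the role of an individual entry cannot be determined from this list alone.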
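- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{H8I12RB03-AB-B70-7-11d2-9CBD-0O00FS7AH6-9E2121BHJLK}] 'stubpath' = '' (an Active Setup StubPath value holds a command that Windows executes at user logon; the command itself is not shown on this page)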
- %WINDIR%\Tasks\reget.bat
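- %WINDIR%\Tasks\usp10.dll (usp10.dll is the name of a Windows system library that normally resides in <SYSTEM32>; copies outside that directory, such as this one and the C:\Far\... entries below, are consistent with DLL search-order planting and should be treated as suspect)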
- %WINDIR%\Tasks\kav32.exe
- %WINDIR%\Tasks\pig.vbs
- C:\_default.pif (downloaded from the Internet)
- %WINDIR%\Tasks\kav32.exe
- <SYSTEM32>\ipconfig.exe
- <SYSTEM32>\cmd.exe /c c:\dek.bat
- C:\Far\Plugins\getlastvirname\usp10.dll
- C:\Far\Plugins\helpplugin\usp10.dll
- C:\Far\Plugins\FTP\usp10.dll
- C:\Far\Plugins\fopen\usp10.dll
- C:\Far\Plugins\FTP\lib\usp10.dll
- C:\Far\Plugins\HlfViewer\usp10.dll
- C:\Far\Plugins\IDECLASS\usp10.dll
- C:\Far\Plugins\INSTEXPL\Unp\usp10.dll
- C:\Far\Plugins\hrc\usp10.dll
- C:\Far\Plugins\hrc\4ever\usp10.dll
- C:\Far\Plugins\hrc\4you\usp10.dll
- C:\Far\Plugins\FileCase\usp10.dll
- C:\Far\Plugins\Editor\DrawLine\usp10.dll
- C:\Far\Plugins\Editor\EditCase\usp10.dll
- C:\Far\Plugins\Editor\Brackets\usp10.dll
- C:\Far\Plugins\Editor\Align\usp10.dll
- C:\Far\Plugins\Editor\AutoWrap\usp10.dll
- C:\Far\Plugins\Editor\usp10.dll
- C:\Far\Plugins\farhelp\usp10.dll
- C:\Far\Plugins\FBlock107\usp10.dll
- C:\Far\Plugins\FARCmds\usp10.dll
- C:\Far\Plugins\EMenu\usp10.dll
- C:\Far\Plugins\exefilt\usp10.dll
- C:\Far\Plugins\INSTEXPL\usp10.dll
- C:\Far\Plugins\setup\usp10.dll
- C:\Far\Plugins\SortEdit\usp10.dll
- C:\Far\Plugins\Services\usp10.dll
- C:\Far\Plugins\renamer2\Src\usp10.dll
- C:\Far\Plugins\renamer2\usp10.dll
- C:\Far\Plugins\src\usp10.dll
- <Auxiliary element>
- %CommonProgramFiles%\Microsoft Shared\DAO\usp10.dll
- C:\Far\usp10.dll
- C:\Far\Plugins\TmpPanel\usp10.dll
- C:\Far\Plugins\usp10.dll
- C:\Far\Plugins\renamer1\usp10.dll
- C:\Far\Plugins\msdn\Src\usp10.dll
- C:\Far\Plugins\msdn\usp10.dll
- C:\Far\Plugins\MD5plug130\usp10.dll
- C:\Far\Plugins\MD5plug130\bin\usp10.dll
- C:\Far\Plugins\MD5plug130\src\usp10.dll
- C:\Far\Plugins\MultiArc\Formats\usp10.dll
- C:\Far\Plugins\ProcList\usp10.dll
- C:\Far\Plugins\RegBrowse\usp10.dll
- C:\Far\Plugins\PrintMan\usp10.dll
- C:\Far\Plugins\MultiArc\usp10.dll
- C:\Far\Plugins\Network\usp10.dll
- C:\Far\Plugins\DOCFILE\usp10.dll
- C:\Far\Addons\XLat\usp10.dll
- C:\Far\Addons\usp10.dll
- C:\Far\Addons\XLat\Russian\usp10.dll
- C:\Far\Addons\Tables\Western European\usp10.dll
- C:\Far\Addons\Tables\usp10.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\me821[1].exe
- C:\Far\PlugDoc\Examples\Editor\AutoWrap\usp10.dll
- C:\Far\PlugDoc\Examples\Editor\Brackets\usp10.dll
- C:\Far\PlugDoc\Examples\Editor\Align\usp10.dll
- C:\_default.pif
- C:\Far\PlugDoc\Examples\Compare\usp10.dll
- C:\Far\Addons\Tables\Hebrew\usp10.dll
- C:\Far\Addons\Colors\Default Highlighting\usp10.dll
- C:\Far\Addons\Colors\usp10.dll
- C:\Far\Addons\Colors\Custom Highlighting\usp10.dll
- C:\dek.bat
- C:\Far\Addons\Archivers\usp10.dll
- C:\Far\Addons\Macros\usp10.dll
- C:\Far\Addons\Tables\Cyrillic\E-Mail Double Conversion\usp10.dll
- C:\Far\Addons\Tables\Cyrillic\usp10.dll
- C:\Far\Addons\Tables\Central European\usp10.dll
- C:\Far\Addons\SetUp\usp10.dll
- C:\Far\Addons\Shell\usp10.dll
- C:\Far\PlugDoc\Examples\Editor\DrawLine\usp10.dll
- C:\Far\Plugins\ascii\usp10.dll
- C:\Far\Plugins\backup\usp10.dll
- C:\Far\Plugins\ascii\src\usp10.dll
- C:\Far\PlugDoc\Headers.pas\usp10.dll
- C:\Far\PlugDoc\usp10.dll
- C:\Far\Plugins\calc\usp10.dll
- C:\Far\Plugins\COMP\usp10.dll
- C:\Far\Plugins\Compare\usp10.dll
- C:\Far\Plugins\CallCommand\usp10.dll
- C:\Far\Plugins\calc2\usp10.dll
- C:\Far\Plugins\CallCommand\bin\usp10.dll
- C:\Far\PlugDoc\Headers.c\usp10.dll
- C:\Far\PlugDoc\Examples\FileCase\usp10.dll
- C:\Far\PlugDoc\Examples\HelloWorld\usp10.dll
- C:\Far\PlugDoc\Examples\FARCmds\usp10.dll
- C:\Far\PlugDoc\Examples\Editor\EditCase\usp10.dll
- C:\Far\PlugDoc\Examples\Editor\usp10.dll
- C:\Far\PlugDoc\Examples\HlfViewer\usp10.dll
- C:\Far\PlugDoc\Examples\TmpPanel\usp10.dll
- C:\Far\PlugDoc\Examples\usp10.dll
- C:\Far\PlugDoc\Examples\Network\usp10.dll
- C:\Far\PlugDoc\Examples\MultiArc\Formats\usp10.dll
- C:\Far\PlugDoc\Examples\MultiArc\usp10.dll
- C:\Far\Plugins\helpplugin\usp10.dll
- C:\Far\Plugins\HlfViewer\usp10.dll
- C:\Far\Plugins\getlastvirname\usp10.dll
- C:\Far\Plugins\FTP\lib\usp10.dll
- C:\Far\Plugins\FTP\usp10.dll
- C:\Far\Plugins\hrc\4ever\usp10.dll
- C:\Far\Plugins\INSTEXPL\Unp\usp10.dll
- C:\Far\Plugins\INSTEXPL\usp10.dll
- C:\Far\Plugins\IDECLASS\usp10.dll
- C:\Far\Plugins\hrc\4you\usp10.dll
- C:\Far\Plugins\hrc\usp10.dll
- C:\Far\Plugins\fopen\usp10.dll
- C:\Far\Plugins\Editor\EditCase\usp10.dll
- C:\Far\Plugins\Editor\usp10.dll
- C:\Far\Plugins\Editor\DrawLine\usp10.dll
- C:\Far\Plugins\Editor\AutoWrap\usp10.dll
- C:\Far\Plugins\Editor\Brackets\usp10.dll
- C:\Far\Plugins\EMenu\usp10.dll
- C:\Far\Plugins\FBlock107\usp10.dll
- C:\Far\Plugins\FileCase\usp10.dll
- C:\Far\Plugins\farhelp\usp10.dll
- C:\Far\Plugins\exefilt\usp10.dll
- C:\Far\Plugins\FARCmds\usp10.dll
- C:\Far\Plugins\setup\usp10.dll
- C:\Far\Plugins\SortEdit\usp10.dll
- C:\Far\Plugins\Services\usp10.dll
- C:\Far\Plugins\renamer2\Src\usp10.dll
- C:\Far\Plugins\renamer2\usp10.dll
- C:\Far\Plugins\src\usp10.dll
- <Auxiliary element>
- %CommonProgramFiles%\Microsoft Shared\DAO\usp10.dll
- C:\Far\usp10.dll
- C:\Far\Plugins\TmpPanel\usp10.dll
- C:\Far\Plugins\usp10.dll
- C:\Far\Plugins\renamer1\usp10.dll
- C:\Far\Plugins\msdn\Src\usp10.dll
- C:\Far\Plugins\msdn\usp10.dll
- C:\Far\Plugins\MD5plug130\usp10.dll
- C:\Far\Plugins\MD5plug130\bin\usp10.dll
- C:\Far\Plugins\MD5plug130\src\usp10.dll
- C:\Far\Plugins\MultiArc\Formats\usp10.dll
- C:\Far\Plugins\ProcList\usp10.dll
- C:\Far\Plugins\RegBrowse\usp10.dll
- C:\Far\Plugins\PrintMan\usp10.dll
- C:\Far\Plugins\MultiArc\usp10.dll
- C:\Far\Plugins\Network\usp10.dll
- C:\Far\Plugins\Editor\Align\usp10.dll
- C:\Far\Addons\XLat\usp10.dll
- C:\Far\Addons\usp10.dll
- C:\Far\Addons\XLat\Russian\usp10.dll
- C:\Far\Addons\Tables\Western European\usp10.dll
- C:\Far\Addons\Tables\usp10.dll
- C:\Far\PlugDoc\Examples\Compare\usp10.dll
- C:\Far\PlugDoc\Examples\Editor\DrawLine\usp10.dll
- C:\Far\PlugDoc\Examples\Editor\EditCase\usp10.dll
- C:\Far\PlugDoc\Examples\Editor\Brackets\usp10.dll
- C:\Far\PlugDoc\Examples\Editor\Align\usp10.dll
- C:\Far\PlugDoc\Examples\Editor\AutoWrap\usp10.dll
- C:\Far\Addons\Tables\Hebrew\usp10.dll
- C:\Far\Addons\Colors\Default Highlighting\usp10.dll
- C:\Far\Addons\Colors\usp10.dll
- C:\Far\Addons\Colors\Custom Highlighting\usp10.dll
- %WINDIR%\Tasks\kav32.exe
- C:\Far\Addons\Archivers\usp10.dll
- C:\Far\Addons\Macros\usp10.dll
- C:\Far\Addons\Tables\Cyrillic\E-Mail Double Conversion\usp10.dll
- C:\Far\Addons\Tables\Cyrillic\usp10.dll
- C:\Far\Addons\Tables\Central European\usp10.dll
- C:\Far\Addons\SetUp\usp10.dll
- C:\Far\Addons\Shell\usp10.dll
- C:\Far\Plugins\backup\usp10.dll
- C:\Far\Plugins\calc\usp10.dll
- C:\Far\Plugins\ascii\usp10.dll
- C:\Far\PlugDoc\usp10.dll
- C:\Far\Plugins\ascii\src\usp10.dll
- C:\Far\Plugins\calc2\usp10.dll
- C:\Far\Plugins\Compare\usp10.dll
- C:\Far\Plugins\DOCFILE\usp10.dll
- C:\Far\Plugins\COMP\usp10.dll
- C:\Far\Plugins\CallCommand\bin\usp10.dll
- C:\Far\Plugins\CallCommand\usp10.dll
- C:\Far\PlugDoc\Headers.pas\usp10.dll
- C:\Far\PlugDoc\Examples\HelloWorld\usp10.dll
- C:\Far\PlugDoc\Examples\HlfViewer\usp10.dll
- C:\Far\PlugDoc\Examples\FileCase\usp10.dll
- C:\Far\PlugDoc\Examples\Editor\usp10.dll
- C:\Far\PlugDoc\Examples\FARCmds\usp10.dll
- C:\Far\PlugDoc\Examples\MultiArc\Formats\usp10.dll
- C:\Far\PlugDoc\Examples\usp10.dll
- C:\Far\PlugDoc\Headers.c\usp10.dll
- C:\Far\PlugDoc\Examples\TmpPanel\usp10.dll
- C:\Far\PlugDoc\Examples\MultiArc\usp10.dll
- C:\Far\PlugDoc\Examples\Network\usp10.dll
- '<Private IP address>':80
- 'ig####riends.co.kr':80
- 'fs###.#okju74ut6.com':80
- '<Private IP address>':445 (SMB)
- '<Private IP address>':139 (NetBIOS session service)
- 'localhost':1038
- fs###.#okju74ut6.com/tongjime/Count.asp?ma####################
- ig####riends.co.kr/down/me821.exe
- DNS query: fs###.#okju74ut6.com
- DNS query: ig####riends.co.kr
- ClassName: 'AfxControlBar42s' WindowName: ''