Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{H1I22RB03-AB-B70-7-11d2-9CBD-0O00FS7AH6-9E2121BHJLK}] 'stubpath' = ''
- %WINDIR%\Tasks\SA.DAT
- <Drive name for removable media>:\recycle.{645FF040-5081-101B-9F08-00AA002F954E}\shit
- <Drive name for removable media>:\AUTORUN.INF
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.169
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.168
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.167
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.170
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.173
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.172
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.171
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.166
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.161
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.160
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.159
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.162
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.165
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.164
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.163
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.174
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.185
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.184
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.183
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.186
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.189
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.188
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.187
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.182
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.177
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.176
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.175
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.178
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.181
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.180
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.179
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.158
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.137
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.136
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.135
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.138
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.141
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.140
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.139
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.134
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.129
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.128
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.127
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.130
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.133
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.132
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.131
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.142
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.153
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.152
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.151
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.154
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.157
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.156
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.155
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.150
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.145
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.144
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.143
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.146
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.149
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.148
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.147
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.190
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.233
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.232
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.231
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.234
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.237
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.236
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.235
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.230
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.225
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.224
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.223
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.226
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.229
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.228
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.227
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.238
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.249
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.248
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.247
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.250
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.253
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.252
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.251
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.246
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.241
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.240
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.239
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.242
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.245
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.244
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.243
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.222
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.201
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.200
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.199
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.202
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.205
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.204
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.203
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.198
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.193
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.192
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.191
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.194
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.197
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.196
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.195
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.206
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.217
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.216
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.215
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.218
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.221
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.220
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.219
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.214
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.209
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.208
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.207
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.210
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.213
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.212
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.211
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.126
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.42
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.41
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.40
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.43
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.46
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.45
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.44
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.39
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.34
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.33
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.32
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.35
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.38
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.37
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.36
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.47
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.58
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.57
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.56
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.59
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.62
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.61
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.60
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.55
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.48
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.50
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.49
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.51
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.54
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.53
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.52
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.11
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.7
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.18
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.17
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.19
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.9
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.20
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.8
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.6
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.16
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.4
- '%WINDIR%\Fuckme\Fuckme.exe'
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.1
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.5
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.2
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.3
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.21
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.15
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.12
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.14
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.29
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.13
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.31
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.30
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.27
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.23
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.10
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.22
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.24
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.28
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.26
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.25
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.63
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.105
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.104
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.103
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.106
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.109
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.108
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.107
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.102
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.97
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.96
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.95
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.98
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.101
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.100
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.99
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.110
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.121
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.120
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.119
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.122
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.125
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.124
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.123
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.118
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.113
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.112
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.111
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.114
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.117
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.116
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.115
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.94
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.74
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.73
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.72
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.75
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.78
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.77
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.76
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.71
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.66
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.65
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.64
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.67
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.70
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.69
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.68
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.79
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.89
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.88
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.87
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.90
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.93
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.91
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.92
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.86
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.82
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.81
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.80
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.83
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.85
- '%WINDIR%\Fuckme\connects.exe' /pid=3076
- '%WINDIR%\Fuckme\connects.exe' 10.0.0.84
- '<SYSTEM32>\svchost.exe' -k netsvcs
- '<SYSTEM32>\dumprep.exe' 1148 -dm 7 7 %TEMP%\WERba9d.dir00\svchost.exe.mdmp 16325836412030492
- <SYSTEM32>\svchost.exe
- 360tray.exe
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\bin\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\bin\1033\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\bots\vinavbar\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\isapi\_vti_adm\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\bots\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\admisapi\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\Web Folders\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\VGX\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\admcgi\scripts\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\admisapi\scripts\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\admcgi\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\web server extensions\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\wsock32.dll
- %CommonProgramFiles%\MSSoap\Binaries\Resources\wsock32.dll
- %CommonProgramFiles%\MSSoap\Binaries\Resources\1033\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\_vti_bin\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\isapi\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\isapi\_vti_aut\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\servsupp\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\_vti_bin\_vti_aut\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\_vti_bin\_vti_adm\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\DW\1036\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\DW\1033\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\DW\1040\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\DW\1042\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\DW\1041\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\DW\1031\wsock32.dll
- <Auxiliary element>
- C:\Far2\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\DAO\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\DW\1028\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\DW\1025\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\TextConv\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\Stationery\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\Triedit\wsock32.dll
- %TEMP%\WERba9d.dir00\svchost.exe.mdmp
- %CommonProgramFiles%\Microsoft Shared\VC\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\Speech\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\DW\3082\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\DW\2052\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\DW\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\Speech\1033\wsock32.dll
- %CommonProgramFiles%\Microsoft Shared\MSInfo\wsock32.dll
- %CommonProgramFiles%\MSSoap\Binaries\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\feeds\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\content\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabbrowser\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\preferences\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\places\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\pageinfo\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\preferences\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\search\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\safebrowsing\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\tabview\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\tabbrowser\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\communicator\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\preferences\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabview\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\places\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\feeds\wsock32.dll
- %CommonProgramFiles%\SpeechEngines\Microsoft\TTS\wsock32.dll
- %CommonProgramFiles%\SpeechEngines\Microsoft\TTS\1033\wsock32.dll
- %CommonProgramFiles%\SpeechEngines\Microsoft\wsock32.dll
- %CommonProgramFiles%\System\ado\wsock32.dll
- %CommonProgramFiles%\SpeechEngines\wsock32.dll
- %CommonProgramFiles%\SpeechEngines\Microsoft\Lexicon\wsock32.dll
- %CommonProgramFiles%\ODBC\Data Sources\wsock32.dll
- %CommonProgramFiles%\MSSoap\wsock32.dll
- %CommonProgramFiles%\ODBC\wsock32.dll
- %CommonProgramFiles%\SpeechEngines\Microsoft\Lexicon\1033\wsock32.dll
- %CommonProgramFiles%\Services\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\certerror\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\bookmarks\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\feeds\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\migration\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\history\wsock32.dll
- %PROGRAM_FILES%\FireFox\chrome\browser\content\branding\wsock32.dll
- %CommonProgramFiles%\System\Ole DB\wsock32.dll
- %CommonProgramFiles%\System\msadc\wsock32.dll
- %CommonProgramFiles%\System\wsock32.dll
- %PROGRAM_FILES%\ComPlus Applications\wsock32.dll
- %CommonProgramFiles%\wsock32.dll
- C:\Far2\FExcept\wsock32.dll
- C:\Far2\Encyclopedia\wsock32.dll
- C:\Far2\Plugins\7-Zip\wsock32.dll
- C:\Far2\Plugins\arclite\wsock32.dll
- C:\Far2\Plugins\Align\wsock32.dll
- C:\Far2\Documentation\wsock32.dll
- C:\Far2\Addons\wsock32.dll
- \Device\LanmanRedirector\10.0.0.7\pipe\browser
- C:\Far2\Documentation\eng\wsock32.dll
- %WINDIR%\Fuckme\desktop.ini
- C:\Far2\Documentation\rus\wsock32.dll
- C:\Far2\Plugins\Colorer\hrd\console\wsock32.dll
- C:\Far2\Plugins\Colorer\hrd\console\contrib\wsock32.dll
- C:\Far2\Plugins\Colorer\hrd\wsock32.dll
- C:\Far2\Plugins\Compare\wsock32.dll
- C:\Far2\Plugins\Colorer\wsock32.dll
- C:\Far2\Plugins\Colorer\hrc\wsock32.dll
- C:\Far2\Plugins\Brackets\wsock32.dll
- C:\Far2\Plugins\AutoWrap\wsock32.dll
- C:\Far2\Plugins\Colorer\bin\wsock32.dll
- C:\Far2\Plugins\Colorer\hrc\auto\wsock32.dll
- C:\Far2\Plugins\Colorer\hrc\auto\types\wsock32.dll
- C:\Far2\Addons\Colors\wsock32.dll
- C:\Far2\Addons\Colors\Default Highlighting\wsock32.dll
- C:\Far2\Addons\Macros\wsock32.dll
- C:\Far2\Addons\Shell\wsock32.dll
- C:\Far2\Addons\SetUp\wsock32.dll
- C:\Far2\Addons\Colors\Custom Highlighting\wsock32.dll
- %WINDIR%\Fuckme\shit.vbs
- %WINDIR%\Fuckme\Fuckme.exe
- %WINDIR%\Fuckme\wsock32.dll
- <Current directory>\wsock32.dll
- %WINDIR%\Fuckme\connects.exe
- \Device\LanmanRedirector\10.0.0.5\pipe\browser
- \Device\LanmanRedirector\10.0.0.2\pipe\browser
- \Device\LanmanRedirector\10.0.0.6\pipe\browser
- \Device\LanmanRedirector\10.0.0.18\pipe\browser
- \Device\LanmanRedirector\10.0.0.17\pipe\browser
- C:\Far2\Addons\XLat\wsock32.dll
- \Device\LanmanRedirector\10.0.0.4\pipe\browser
- C:\Far2\Addons\XLat\Russian\wsock32.dll
- \Device\LanmanRedirector\10.0.0.1\pipe\browser
- \Device\LanmanRedirector\10.0.0.3\pipe\browser
- \Device\LanmanRedirector\10.0.0.16\pipe\browser
- C:\Far2\Plugins\DrawLine\wsock32.dll
- C:\Far2\Plugins\WinSCP\packages\tb2k\wsock32.dll
- C:\Far2\Plugins\WinSCP\packages\my\wsock32.dll
- C:\Far2\Plugins\WinSCP\packages\tbx\wsock32.dll
- C:\Far2\Plugins\WinSCP\packages\wsock32.dll
- C:\Far2\Plugins\WinSCP\packages\theme\wsock32.dll
- C:\Far2\Plugins\WinSCP\packages\filemng\wsock32.dll
- C:\Far2\Plugins\WinSCP\filezilla\wsock32.dll
- C:\Far2\Plugins\WinSCP\filezilla\misc\wsock32.dll
- C:\Far2\Plugins\WinSCP\forms\wsock32.dll
- C:\Far2\Plugins\WinSCP\packages\dragndrop\wsock32.dll
- C:\Far2\Plugins\WinSCP\lib\wsock32.dll
- C:\Far2\Plugins\wsock32.dll
- C:\Far2\Plugins\WinSCP\wsock32.dll
- C:\Far2\PluginSDK\Headers.c\wsock32.dll
- C:\Far2\PluginSDK\wsock32.dll
- C:\Far2\PluginSDK\Headers.pas\wsock32.dll
- C:\Far2\Plugins\WinSCP\windows\wsock32.dll
- C:\Far2\Plugins\WinSCP\putty\windows\wsock32.dll
- C:\Far2\Plugins\WinSCP\putty\charset\wsock32.dll
- C:\Far2\Plugins\WinSCP\putty\wsock32.dll
- C:\Far2\Plugins\WinSCP\resource\wsock32.dll
- C:\Far2\Plugins\WinSCP\release\wsock32.dll
- C:\Far2\Plugins\FarCmds\wsock32.dll
- C:\Far2\Plugins\ExtSearch\wsock32.dll
- C:\Far2\Plugins\FileCase\wsock32.dll
- C:\Far2\Plugins\FTP\wsock32.dll
- C:\Far2\Plugins\FTP\lib\wsock32.dll
- C:\Far2\Plugins\ExtSearch\sources\wsock32.dll
- C:\Far2\Plugins\EMenu\wsock32.dll
- C:\Far2\Plugins\EditCase\wsock32.dll
- C:\Far2\Plugins\ExtSearch\doc\wsock32.dll
- C:\Far2\Plugins\ExtSearch\sources\RegExp\wsock32.dll
- C:\Far2\Plugins\ExtSearch\keys\wsock32.dll
- C:\Far2\Plugins\WinSCP\core\wsock32.dll
- C:\Far2\Plugins\WinSCP\console\wsock32.dll
- C:\Far2\Plugins\WinSCP\dragext\wsock32.dll
- C:\Far2\Plugins\WinSCP\fari\wsock32.dll
- C:\Far2\Plugins\WinSCP\far\wsock32.dll
- C:\Far2\Plugins\WinSCP\components\wsock32.dll
- C:\Far2\Plugins\MacroView\wsock32.dll
- C:\Far2\Plugins\HlfViewer\wsock32.dll
- C:\Far2\Plugins\Network\wsock32.dll
- C:\Far2\Plugins\TmpPanel\wsock32.dll
- C:\Far2\Plugins\ProcList\wsock32.dll
- %WINDIR%\Fuckme\desktop.ini
- <Drive name for removable media>:\AUTORUN.INF
- C:\Far2\Addons\XLat\wsock32.dll
- '<Private IP address>':139
- '<Private IP address>':80
- 'vb##s.cn':80
- '<Private IP address>':445
- vb##s.cn/tj/ct.asp?ma####################
- DNS ASK vb##s.cn
- ClassName: 'AfxControlBar42s' WindowName: ''