Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ufelirid' = '"%WINDIR%\ibxlacug.exe"'
- C:\Far2\Plugins\FTP\lib\ftpProgress.fll
- C:\Far2\Plugins\FTP\lib\ftpDirList.fll
- %PROGRAM_FILES%\Windows NT\Accessories\mswrd6.wpc
- %PROGRAM_FILES%\Windows NT\Accessories\write.wpc
- %PROGRAM_FILES%\Windows NT\Accessories\mswrd8.wpc
- C:\Far2\Plugins\arclite\7zCon.sfx
- C:\Far2\Plugins\arclite\7z.sfx
- C:\Far2\Plugins\arclite\7zS2.sfx
- C:\Far2\Plugins\arclite\7zSD.sfx
- C:\Far2\Plugins\arclite\7zS2con.sfx
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\mozapps\xpinstall\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\mozapps\update\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\mozapps\profile\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\xbl-marquee\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\satchel\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\passwordmgr\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\mozapps\preferences\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\mozapps\downloads\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\xml\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\mozapps\plugins\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\mozapps\handling\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\mozapps\extensions\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\aero\mozapps\handling\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\aero\mozapps\extensions\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\aero\mozapps\downloads\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\aero\mozapps\update\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\aero\mozapps\profile\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\aero\mozapps\plugins\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\aero\global\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\aero\global\arrow\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\aero\global\alerts\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\res\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\aero\global\media\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\aero\global\dirListing\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\aero\global\console\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\mozapps\preferences\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\mozapps\plugins\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\mozapps\handling\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\mozapps\xpinstall\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\mozapps\update\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\mozapps\profile\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\mozapps\extensions\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\global-platform\unix\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\global-platform\mac\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\global\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\mozapps\downloads\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\global-region\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\global-platform\win\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\alerts\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\cookie\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\pippki\content\pippki\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\svg\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\cpow\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\bindings\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\feedback\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\pipnss\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\passwordmgr\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\necko\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\services\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\places\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\pippki\PLEASE_READ.inf
- %PROGRAM_FILES%\Microsoft.NET\RedistList\PLEASE_READ.inf
- %PROGRAM_FILES%\Internet Explorer\SIGNUP\PLEASE_READ.inf
- %PROGRAM_FILES%\Internet Explorer\Connection Wizard\PLEASE_READ.inf
- %PROGRAM_FILES%\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\PLEASE_READ.inf
- %PROGRAM_FILES%\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\PLEASE_READ.inf
- %PROGRAM_FILES%\Movie Maker\Shared\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\res\entityTables\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\res\dtd\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\modules\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\searchplugins\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\res\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\res\fonts\PLEASE_READ.inf
- %PROGRAM_FILES%\Windows Media Player\Skins\PLEASE_READ.inf
- %PROGRAM_FILES%\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\PLEASE_READ.inf
- %PROGRAM_FILES%\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\PLEASE_READ.inf
- %PROGRAM_FILES%\Windows NT\Pinball\PLEASE_READ.inf
- %PROGRAM_FILES%\Windows NT\Accessories\PLEASE_READ.inf
- %PROGRAM_FILES%\Windows Media Player\PLEASE_READ.inf
- %PROGRAM_FILES%\Reference Assemblies\Microsoft\Framework\v3.0\PLEASE_READ.inf
- %PROGRAM_FILES%\NetMeeting\PLEASE_READ.inf
- %PROGRAM_FILES%\MSN\MSNCoreFiles\OOBE\PLEASE_READ.inf
- %PROGRAM_FILES%\MSN\MSNCoreFiles\Install\PLEASE_READ.inf
- %PROGRAM_FILES%\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\PLEASE_READ.inf
- %PROGRAM_FILES%\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\PLEASE_READ.inf
- %PROGRAM_FILES%\Outlook Express\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\mozapps\handling\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\mozapps\extensions\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\mozapps\downloads\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\mozapps\update\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\mozapps\profile\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\mozapps\plugins\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\global\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\global\arrow\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\global\alerts\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\aero\mozapps\xpinstall\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\global\media\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\global\dirListing\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\global\console\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\modules\services-sync\engines\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\modules\services-crypto\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\modules\tabview\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\modules\services-sync\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\modules\services-sync\ext\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\dictionaries\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\defaults\autoconfig\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\components\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\toolkit\skin\classic\mozapps\xpinstall\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\defaults\profile\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\defaults\profile\chrome\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\defaults\pref\PLEASE_READ.inf
- C:\Far2\Plugins\Colorer\hrc\PLEASE_READ.inf
- C:\Far2\Plugins\Colorer\hrc\auto\PLEASE_READ.inf
- C:\Far2\Plugins\Colorer\hrc\auto\types\PLEASE_READ.inf
- C:\Far2\Plugins\Colorer\hrd\PLEASE_READ.inf
- C:\Far2\Plugins\Colorer\hrd\console\PLEASE_READ.inf
- C:\Far2\Plugins\Colorer\hrd\console\contrib\PLEASE_READ.inf
- C:\Far2\Plugins\Colorer\bin\PLEASE_READ.inf
- C:\Far2\Plugins\Align\PLEASE_READ.inf
- C:\Far2\Plugins\7-Zip\PLEASE_READ.inf
- C:\Far2\FExcept\PLEASE_READ.inf
- C:\Far2\Plugins\Brackets\PLEASE_READ.inf
- C:\Far2\Plugins\AutoWrap\PLEASE_READ.inf
- C:\Far2\Plugins\arclite\PLEASE_READ.inf
- C:\Far2\Plugins\ExtSearch\PLEASE_READ.inf
- C:\Far2\Plugins\ExtSearch\sources\PLEASE_READ.inf
- C:\Far2\Plugins\ExtSearch\sources\RegExp\PLEASE_READ.inf
- C:\Far2\Plugins\FTP\lib\PLEASE_READ.inf
- C:\Far2\Plugins\FileCase\PLEASE_READ.inf
- C:\Far2\Plugins\FarCmds\PLEASE_READ.inf
- C:\Far2\Plugins\ExtSearch\keys\PLEASE_READ.inf
- C:\Far2\Plugins\DrawLine\PLEASE_READ.inf
- C:\Far2\Plugins\Compare\PLEASE_READ.inf
- C:\Far2\Plugins\Colorer\PLEASE_READ.inf
- C:\Far2\Plugins\ExtSearch\doc\PLEASE_READ.inf
- C:\Far2\Plugins\EMenu\PLEASE_READ.inf
- C:\Far2\Plugins\EditCase\PLEASE_READ.inf
- C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\PLEASE_READ.inf
- C:\Documents and Settings\Default User\Local Settings\History\History.IE5\PLEASE_READ.inf
- C:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Windows Media\9.0\PLEASE_READ.inf
- C:\Documents and Settings\LocalService\Local Settings\Application Data\PLEASE_READ.inf
- C:\Documents and Settings\Default User\PLEASE_READ.inf
- C:\Documents and Settings\Default User\Templates\PLEASE_READ.inf
- C:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Media Player\PLEASE_READ.inf
- %ALLUSERSPROFILE%\Documents\My Music\Sample Playlists\0338E140\PLEASE_READ.inf
- %ALLUSERSPROFILE%\Documents\My Music\Sample Music\PLEASE_READ.inf
- %WINDIR%\ibxlacug.exe
- C:\Documents and Settings\Default User\Cookies\PLEASE_READ.inf
- C:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\PLEASE_READ.inf
- %ALLUSERSPROFILE%\Documents\My Pictures\Sample Pictures\PLEASE_READ.inf
- C:\Far2\Addons\XLat\Russian\PLEASE_READ.inf
- C:\Far2\Addons\Shell\PLEASE_READ.inf
- C:\Far2\Addons\SetUp\PLEASE_READ.inf
- C:\Far2\Documentation\rus\PLEASE_READ.inf
- C:\Far2\Documentation\eng\PLEASE_READ.inf
- C:\Far2\Addons\PLEASE_READ.inf
- C:\Far2\Addons\Macros\PLEASE_READ.inf
- %HOMEPATH%\Templates\PLEASE_READ.inf
- %HOMEPATH%\Favorites\PLEASE_READ.inf
- %HOMEPATH%\Favorites\Links\PLEASE_READ.inf
- C:\Far2\Addons\Colors\PLEASE_READ.inf
- C:\Far2\Addons\Colors\Default Highlighting\PLEASE_READ.inf
- C:\Far2\Addons\Colors\Custom Highlighting\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\browser\migration\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\browser\feeds\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\browser\downloads\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\browser\safebrowsing\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\browser\preferences\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\browser\places\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\branding\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\places\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\feeds\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\tabview\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\preferences\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\global\svg\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\global\security\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\global\search\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\global\xslt\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\global\xpinstall\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\global\xml\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\global\layout\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\browser-region\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\browser\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\browser\sidebar\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\global\dom\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\cookie\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\en-US\locale\en-US\autoconfig\PLEASE_READ.inf
- C:\Far2\PLEASE_READ.inf
- C:\Far2\PluginSDK\Headers.pas\PLEASE_READ.inf
- C:\Far2\PluginSDK\Headers.c\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\certerror\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\bookmarks\PLEASE_READ.inf
- <Auxiliary element>
- C:\Far2\Plugins\WinSCP\PLEASE_READ.inf
- C:\Far2\Plugins\MacroView\PLEASE_READ.inf
- C:\Far2\Plugins\HlfViewer\PLEASE_READ.inf
- C:\Far2\Plugins\FTP\PLEASE_READ.inf
- C:\Far2\Plugins\TmpPanel\PLEASE_READ.inf
- C:\Far2\Plugins\ProcList\PLEASE_READ.inf
- C:\Far2\Plugins\Network\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\feeds\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\search\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabview\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\preferences\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\safebrowsing\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\migration\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\history\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\feeds\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\preferences\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\places\PLEASE_READ.inf
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\pageinfo\PLEASE_READ.inf
- from <Auxiliary element> to <Auxiliary element>