Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\PFSMonitorService] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%PROGRAM_FILES%\PFS\PFS.exe' = '%PROGRAM_FILES%\PFS\PFS.exe:*:Enabled:PFS Service'
- %TEMP%\nsn2.tmp\ns5.tmp "%PROGRAM_FILES%\PFS\PFS.exe" /start
- %PROGRAM_FILES%\PFS\PFS.exe /start
- %PROGRAM_FILES%\PFS\PFS.exe
- %TEMP%\nsn2.tmp\ns3.tmp "%PROGRAM_FILES%\PFS\PFS.exe" /stop
- %TEMP%\nsn2.tmp\ns4.tmp "%PROGRAM_FILES%\PFS\PFS.exe" /install
- %PROGRAM_FILES%\PFS\PFS.exe /install
- <SYSTEM32>\netsh.exe firewall add allowedprogram "%PROGRAM_FILES%\PFS\PFS.exe" "PFS Service" ENABLE
- %TEMP%\nsn2.tmp\ns5.tmp
- %TEMP%\nsn2.tmp\ns4.tmp
- %PROGRAM_FILES%\PFS\Data\macfile.txt
- %PROGRAM_FILES%\PFS\Data\log20120924.txt
- %PROGRAM_FILES%\PFS\pfsuninstall.exe
- %TEMP%\nsn2.tmp\ns3.tmp
- %TEMP%\nsn2.tmp\nsExec.dll
- %PROGRAM_FILES%\PFS\Updater.exe
- %PROGRAM_FILES%\PFS\PFS.exe
- %TEMP%\nsn2.tmp\ns5.tmp
- %TEMP%\nsn2.tmp\nsExec.dll
- %TEMP%\nsn2.tmp\ns3.tmp
- %TEMP%\nsn2.tmp\ns4.tmp
- 'mo#.#ilim.co.kr':80
- 'bc#.#ilim.co.kr':8080
- 'localhost':1035
- mo#.#ilim.co.kr/sub/check_ftp_connect.php?sI####################
- DNS ASK mo#.#ilim.co.kr
- DNS ASK bc#.#ilim.co.kr
- '23#.#55.255.250':1900