Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\FeebeeService] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] '%PROGRAM_FILES%\Musbe\Feebee\Srvc_00C6\FeebeeSrvc.exe' = '%PROGRAM_FILES%\Musbe\Feebee\Srvc_00C6\FeebeeSrvc.exe:*:Enabled:GIZMO'
- %PROGRAM_FILES%\Musbe\Feebee\Srvc_00C6\FeebeeSrvc.exe -install
- %WINDIR%\Temp\DnglSrvc_00C6.log
- %TEMP%\DnglSrvcApp_00C6.warn.log
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\VERSIONS[1].TXT
- %WINDIR%\Temp\DnglSrvc_00C6.warn.log
- %TEMP%\nsw2.tmp\UserInfo.dll
- %TEMP%\nsw2.tmp\NsisFbExt.dll
- %TEMP%\DnglSrvcApp_00C6.log
- %PROGRAM_FILES%\Musbe\Feebee\Srvc_00C6\FeebeeSrvc.exe
- %TEMP%\nsw2.tmp\UserInfo.dll
- %TEMP%\nsw2.tmp\NsisFbExt.dll
- 'fb####te.musbe.net':80
- fb####te.musbe.net/VERSIONS.TXT
- DNS ASK fb####te.musbe.net
- '<Private IP address>':1036