Техническая информация
- '%PROGRAM_FILES%\FeixinMedia\ipseccmd.exe' -p Block1 -r BlockTCP -f 119.147.*.*+0 -n BLOCK -x
- '%TEMP%\nsh2.tmp\ns7.tmp' ipseccmd -p Block2 -r BlockNEW -f 119.188.*.*+0 -n BLOCK -x
- '%PROGRAM_FILES%\FeixinMedia\ipseccmd.exe' -p Block2 -r BlockNEW -f 119.188.*.*+0 -n BLOCK -x
- '<Текущая директория>\mzone-5949.exe'
- '%TEMP%\nsh2.tmp\ns5.tmp' sc start PolicyAgent
- '%TEMP%\nsh2.tmp\ns6.tmp' ipseccmd -p Block1 -r BlockTCP -f 119.147.*.*+0 -n BLOCK -x
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\sc.exe' start PolicyAgent
- %TEMP%\nsh2.tmp\nsisplugin.dll
- %PROGRAM_FILES%\FeixinMedia\ipseccmd.exe
- %TEMP%\nsi4.tmp\modern-wizard.bmp
- %TEMP%\nsi4.tmp\InstallOptions.dll
- %TEMP%\nsh2.tmp\nsExec.dll
- %TEMP%\nsh2.tmp\ns6.tmp
- %TEMP%\nsh2.tmp\ns7.tmp
- %TEMP%\nsh2.tmp\ns5.tmp
- <Текущая директория>\mzone-5949.exe
- %TEMP%\nsh2.tmp\System.dll
- %PROGRAM_FILES%\FeixinMedia\menu.xml
- %PROGRAM_FILES%\FeixinMedia\s0001.xml
- %PROGRAM_FILES%\FeixinMedia\temp0203075000886.ini
- %TEMP%\nsh2.tmp\Internet.dll
- %TEMP%\nsi4.tmp\ioSpecial.ini
- %PROGRAM_FILES%\FeixinMedia\un0203075000886.exe
- %TEMP%\nsh2.tmp\nsRandom.dll
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\nsh2.tmp\ns5.tmp
- %TEMP%\nsh2.tmp\ns6.tmp
- 'tj.#ones.cn':80
- tj.#ones.cn/svr.asp?t=####################################
- DNS ASK tj.#ones.cn
- ClassName: 'Shell_TrayWnd' WindowName: ''