Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'TSVulFWMan' = '%ALLUSERSPROFILE%\Application Data\TSVulFWMan.exe /i 100d0'
- %ALLUSERSPROFILE%\Application Data\TSVulFWMan.exe /i 100d0
- %ALLUSERSPROFILE%\Application Data\mydat.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\getip[1].asp
- %ALLUSERSPROFILE%\Application Data\readme.txt
- %ALLUSERSPROFILE%\Application Data\TSVulFWMan.exe
- %ALLUSERSPROFILE%\Application Data\TSVulFW.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\getip[1].asp
- 'fy##.#hagua911.cn':80
- fy##.#hagua911.cn/fyb/getip.asp?us###################
- DNS ASK fy##.#hagua911.cn
- '10.#.1.1':1034
- ClassName: 'Class_tsvulfw_man_window_0' WindowName: 'Window_tsvulfw_man_window_0'
- ClassName: 'Shell_TrayWnd' WindowName: ''