Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\Windows] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\Windows] 'ImagePath' = '%ProgramFiles%\Yip3LXov.exe -k'
- %ProgramFiles%\Yip3LXov.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\2119205825[1]
- %ProgramFiles%\Yip3LXov.exe
- 'localhost':1036
- 'us##.#zone.qq.com':80
- '<LOCALNET>.0.2':3344
- http://us##.#zone.qq.com/2119205825
- DNS ASK us##.#zone.qq.com
- ClassName: 'MS_WINHELP' WindowName: ''
- '<Full path to file>'
- '%ProgramFiles%\Yip3LXov.exe'