Technical Information
- [<HKLM>\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'BaiduNetdiskHost' = '%WINDIR%\SysWOW64\regsvr32.exe'
- %WINDIR%\syswow64\print.exe
- %WINDIR%\svchost.exe
- '10#.#4.114.70':5555
- ClassName: 'CTXOPConntion_Class' WindowName: ''
- '%WINDIR%\syswow64\print.exe'