Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\lhhelpersvc] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\lhhelpersvc] 'ImagePath' = '"%HOMEPATH%\Local\LHHelper\bwhelperSvc.exe" -r'
- %TEMP%\lhhelper_bin_2382d.zip
- %HOMEPATH%\Local\LHHelper\bwhelper.exe
- %HOMEPATH%\Local\LHHelper\bwhelperSvc.exe
- %HOMEPATH%\Local\LHHelper\UserConfig.ini
- %TEMP%\lhhelper_bin_2382d.zip
- 'localhost':1037
- 'te##.#oftinfo.cn':80
- http://te##.#oftinfo.cn/config/lhhelper.php
- DNS ASK te##.#oftinfo.cn
- ClassName: 'LogView_qqpcmgr' WindowName: ''
- '%HOMEPATH%\Local\LHHelper\bwhelperSvc.exe' -i
- '%HOMEPATH%\Local\LHHelper\bwhelperSvc.exe' -r
- '%HOMEPATH%\Local\LHHelper\bwhelper.exe'