Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '360Цч¶Ї·АУщ.exe' = '<SYSTEM32>\360Цч¶Ї·АУщ.exe'
- <SYSTEM32>\PPTV.exe
- <SYSTEM32>\ie.exe
- <SYSTEM32>\SoHuVA_4.0.0.73-b360-c206572790-nsi-s-run-nsi-x.exe
- <SYSTEM32>\ie.exe (downloaded from the Internet)
- <SYSTEM32>\SoHuVA_4.0.0.73-b360-c206572790-nsi-s-run-nsi-x.exe (downloaded from the Internet)
- <SYSTEM32>\PPTV.exe (downloaded from the Internet)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\a1[1]
- <SYSTEM32>\ie.exe
- <SYSTEM32>\PPTV.exe
- <SYSTEM32>\SoHuVA_4.0.0.73-b360-c206572790-nsi-s-run-nsi-x.exe
- <SYSTEM32>\360Цч¶Ї·АУщ.exe
- 'localhost':1039
- 'xz#.#xooss.com':80
- '18#.#40.144.6':80
- xz#.#xooss.com/a1
- xz#.#xooss.com/a1/ie.exe
- 18#.#40.144.6/ifox/TGSgqpHgo6wGTC5StLupHv5sJms6O5km05SAESqHJGHNs91v/SoHuVA_4.0.0.73-b360-c206572790-nsi-s-run-nsi-x.exe
- xz#.#xooss.com/a1/pptv.exe
- DNS ASK xz#.#xooss.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '{0A376DB5-640F-47ef-B475-39C0A409FCC6}' WindowName: '????????'
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''