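Technical Information
(The section headings are missing from this listing. In order, the entries are: service registry values, quoted command lines, file paths, one file move, network endpoints and DNS queries, and window class/title pairs. File paths that repeat, e.g. %TEMP%\171937\oem.ini, presumably came from separate sections such as files created and files later deleted; confirm against the original report.)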
- [<HKLM>\SYSTEM\ControlSet001\Services\BDSGRTP] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\BDSafeBrowser] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\BDMWrench] 'Start' = '00000001'
- [<HKLM>\SYSTEM\ControlSet001\Services\bd0001] 'Start' = '00000001'
- [<HKLM>\SYSTEM\ControlSet001\Services\bd0004] 'Start' = '00000001'
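- [<HKLM>\SYSTEM\ControlSet001\Services\BDArKit] 'Start' = '00000002'
  (Service 'Start' values: 1 = loaded at system start, 2 = started automatically at boot. All six entries therefore persist across reboots. Five of them have a matching .sys file under <DRIVERS> further down this list, i.e. they are kernel drivers.)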
- '%CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\BaiduProtect.exe' -r
- '%TEMP%\171937\setup_hao123link_1.6.4.13__94488378_hao_pg&tt=96287.exe' /S
- '%CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\BDSGBugRpt.exe' /BSOD
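- '%WINDIR%\°Щ¶И\НшЦ·µјєЅ\°Щ¶ИТ»јьЧ°»ъ.exe'
  (The path is GBK-encoded text rendered as Windows-1251. Decoded, it reads '%WINDIR%\百度\网址导航\百度一键装机.exe'. The same directory recurs in later entries. Which form exists on disk depends on the system's ANSI code page, so searches should cover both spellings.)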
- '%TEMP%\171937\YouQian_Setup.exe' /S
- '%CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\BaiduProtect.exe' -s
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\ad.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\BDKitUtils.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\BDMDownload.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\BDMReport.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\DriverManager.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\SafeBrowserHelper.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\7z.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\SafeBrowserDll.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\SafeExplorer.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\SafeExplorer_x64.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\BDMNet.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\hips.xml
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\safebrowser.xml
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\fileverify.xml
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\dynplugins\Microsoft.VC80.CRT\msvcp80.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\dynplugins\Microsoft.VC80.CRT\msvcr80.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\uninst.exe
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\BDLogicUtils.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\BDSGBugRpt.exe
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\app.ico
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\BaiduProtect.exe
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\bdsg0001.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\Data\cache.db-journal
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\Data\cache.db
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\Data\apps.db
- <DRIVERS>\BDMWrench.sys
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\Data\apps.db-journal
- %ALLUSERSPROFILE%\Application Data\hao123\config.ini
- %ALLUSERSPROFILE%\Application Data\Baidu\BDSG\BDSGCache.rptc
- %HOMEPATH%\Desktop\hao123.lnk
- %ALLUSERSPROFILE%\Application Data\hao123\hao123.exe
- %ALLUSERSPROFILE%\Application Data\hao123\uninstall.exe
- <DRIVERS>\BDSafeBrowser.sys
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\drivers\BDMWrench.sys
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\drivers\BDSafeBrowser.sys
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\drivers\BDArKit.sys
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\drivers\bd0001.sys
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\drivers\bd0004.sys
- %ALLUSERSPROFILE%\Application Data\Baidu\Common\Global.db
- <DRIVERS>\BDArKit.sys
- <DRIVERS>\bd0001.sys
- <DRIVERS>\bd0004.sys
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\dynplugins\Microsoft.VC80.CRT\msvcm80.dll
- %TEMP%\baidu\youqian\BaiduYQlog.txt
- %TEMP%\nsx2.tmp
- %WINDIR%\Temp\baidu\youqian\process.cfg
- %TEMP%\171937\oem.ini
- %TEMP%\171937\SoftInfo.ini
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\plugins\BDSGRtp_ContainerConfig.xml
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\plugins\BDSGRtp_PluginConfig.xml
- <Auxiliary element>
- %TEMP%\nsc3.tmp\System.dll
- %TEMP%\nsc3.tmp\InstallHelper.dll
- %TEMP%\171937\process.cfg
- %WINDIR%\°Щ¶И\НшЦ·µјєЅ\°Щ¶ИТ»јьЧ°»ъ.zip
- %WINDIR%\°Щ¶И\НшЦ·µјєЅ\BDMSkin.dll
- %WINDIR%\°Щ¶И\НшЦ·µјєЅ\°Щ¶ИТ»јьЧ°»ъ.exe
- %WINDIR%\°Щ¶И\НшЦ·µјєЅ.zip
- %WINDIR%\°Щ¶И\НшЦ·µјєЅ\К№УГЛµГч-°ІЧ°З°±Ш¶Б.txt
  (GBK text rendered as Windows-1251; decoded: %WINDIR%\百度\网址导航\使用说明-安装前必读.txt)
- %TEMP%\171937\setup_hao123link_1.6.4.13__94488378_hao_pg&tt=96287.exe
- %TEMP%\171937\YouQian_Setup.exe
- %TEMP%\171937\CommonRes.rdb
- %TEMP%\171937\BDMSkin.dll
- %TEMP%\171937\InstallHelper.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\plugins\{B6D93053-0CAA-4725-A6EB-C7D0FB56BE89}_PluginConfig.xml
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\Microsoft.VC80.CRT\msvcp80.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\Microsoft.VC80.CRT\msvcr80.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\Microsoft.VC80.CRT\msvcm80.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\dynplugins\Microsoft.VC80.ATL\atl80.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\plugins\Microsoft.VC80.CRT\msvcr80.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\dynplugins\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\plugins\Microsoft.VC80.CRT\msvcp80.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\plugins\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\plugins\Microsoft.VC80.CRT\msvcm80.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\dynplugins\Microsoft.VC80.ATL\Microsoft.VC80.ATL.manifest
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\plugins\HIPS.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\dynplugins\BDSGRtpDyn_ContainerConfig.xml
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\plugins\BDSGReportPlugin.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\plugins\baiduanRepair.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\plugins\baidusdRepair.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\plugins\Microsoft.VC80.ATL\Microsoft.VC80.ATL.manifest
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\plugins\Microsoft.VC80.ATL\atl80.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\Microsoft.VC80.ATL\atl80.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\dynplugins\BDSGRtpDyn_PluginConfig.xml
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\Microsoft.VC80.ATL\Microsoft.VC80.ATL.manifest
- %TEMP%\171937\oem.ini
- %TEMP%\171937\process.cfg
- %TEMP%\171937\CommonRes.rdb
- %TEMP%\171937\InstallHelper.dll
- %WINDIR%\°Щ¶И\НшЦ·µјєЅ\°Щ¶ИТ»јьЧ°»ъ.exe
- %WINDIR%\°Щ¶И\НшЦ·µјєЅ.zip
- %ALLUSERSPROFILE%\Application Data\Baidu\BDSG\BDSGCache.rptc
- %WINDIR%\°Щ¶И\НшЦ·µјєЅ\°Щ¶ИТ»јьЧ°»ъ.zip
- %WINDIR%\°Щ¶И\НшЦ·µјєЅ\К№УГЛµГч-°ІЧ°З°±Ш¶Б.txt
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\Data\apps.db-journal
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\Data\apps.db
- <Auxiliary element>
- <SYSTEM32>\ntdll.dll
- %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\Data\cache.db-journal
- %WINDIR%\°Щ¶И\НшЦ·µјєЅ\BDMSkin.dll
- %TEMP%\171937\BDMSkin.dll
- %TEMP%\nsc3.tmp\InstallHelper.dll
- %TEMP%\nsc3.tmp\System.dll
- from %WINDIR%\Temp\baidu\youqian\process.cfg to %CommonProgramFiles%\Baidu\BaiduProtect1.3\1.3.1.306\Data\dt.cfg
- 'localhost':1041
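- '12#.#25.114.144':80
  (The '#' characters are presumably masking applied by the report's publisher. This address and the two DNS names below are therefore partial: usable for pattern matching and triage, not for exact-match blocking.)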
- 'localhost':1038
- DNS ASK hb.##.baidu.com
- DNS ASK dr.##.baidu.com
- ClassName: 'InstallWnd' WindowName: '安装软件包'
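- ClassName: 'InstallWnd' WindowName: '?????'
  (Five characters lost to encoding; possibly the same five-character title as the previous entry, '安装软件包' — not confirmed.)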
- ClassName: 'Shell_TrayWnd' WindowName: ''