Technical Information
- Autorun entry under the machine-wide Run key (the listed program starts at each user logon): [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '净网先锋' = '%PROGRAM_FILES%\BarClient\MainProX.exe'
- '%PROGRAM_FILES%\BarClient\MainPro.exe'
- '%PROGRAM_FILES%\BarClient\MainProX.exe'
- %PROGRAM_FILES%\BarClient\MainProX.exe
- %PROGRAM_FILES%\BarClient\UnPack.exe
- <SYSTEM32>\MainproCgf.dll
- %PROGRAM_FILES%\BarClient\CfgX.G
- %PROGRAM_FILES%\BarClient\MainPro.exe
- %PROGRAM_FILES%\BarClient\UlSd.exe
- %PROGRAM_FILES%\BarClient\Drvstart.sys
- %PROGRAM_FILES%\BarClient\cnk_kx.dat
- %PROGRAM_FILES%\BarClient\IeImgSnd.dll
- %PROGRAM_FILES%\BarClient\mswinsock.dll
- %PROGRAM_FILES%\BarClient\InstHook.dll
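- 'in#.#8qz.com':80 (the '#' characters in this host name, and in the URLs and IP address below, appear to be masking placeholders, so these values should not be treated as exact-match indicators)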
- http://in#.#8qz.com/soft/vpp.ah.ini
- http://in#.#8qz.com/58wangwei/anhui-000006.ah.ini
- DNS query for in#.#8qz.com
- '10.##5.255.255':26010
- ClassName: 'Progman' WindowName: 'Program Manager'
- ClassName: '' WindowName: 'AnnxePro'
- ClassName: 'Shell_TrayWnd' WindowName: ''