Adware.Netfilter
* Registry path
hlm_key\SOFTWARE\Caphyon
hlm_key\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6764914E5AD471D4784A9D2F63F584CD\InstallProperties
hlm_key\SOFTWARE\netfilter
hlm_key\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E4194676-4DA5-4D17-87A4-D9F2365F48DC}
hlm_key\SYSTEM\CurrentControlSet\Services\netfilter2
* Files path
C\Windows\System32\drivers\netfilter2.sys
C\ProgramData\Microsoft\Windows\Start Menu\Programs\x-rates\x-rates_x64.lnk
C\ProgramData\Microsoft\Windows\Start Menu\Programs\x-rates\x-rates.lnk
C\Program Files\x-rates\ProgramFiles64Folder\netfilter\x-rates.exe
C\Program Files\x-rates\ProgramFiles64Folder\netfilter\netfilter2.sys
C\Program Files\netfilter\x-rates.exe
C\Program Files\netfilter\netfilter2.sys
|
|