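Техническая информация
Ниже перечислены артефакты без подзаголовков разделов: изменения реестра в HKCU, имена процесса и файлов, сетевые запросы, DNS-обращения и параметры окна; какое действие выполнялось над каждым файлом или процессом (создание, чтение, изменение, завершение), из этого списка не видно. Значения в ключах автозапуска Run и RunOnce названы «Windows Problem Reporting» / «Windows Problem Reporting Temp», но указывают на исполняемые файлы в каталогах профиля пользователя. Доменные имена в сетевых записях частично скрыты символами «#».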
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Problem Reporting Temp' = '%LOCALAPPDATA%\Aplicativo NetExpress\F0R6M\Z4j9r.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'Windows Problem Reporting' = '%LOCALAPPDATA%\Aplicativo NetExpress\F0R6M\Z4j9r.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Problem Reporting' = '%HOMEPATH%\Documents\NetExpress\F0R6M\T9q7f.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\] 'NoChangeStartMenu' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\] 'NoClose' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\] 'NoLogOff' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\] 'NoRun' = '00000000'
- firefox.exe
- %LOCALAPPDATA%\aplicativo netexpress\f0r6m\z4j9r.exe
- %HOMEPATH%\documents\netexpress\f0r6m\t9q7f.exe
- %APPDATA%\semtitulo.cur
- %APPDATA%\arrow1.cur
- %APPDATA%\select1.cur
- %APPDATA%\link1.cur
- %LOCALAPPDATA%\Google\Chrome\User Data\Local State
- %APPDATA%\Mozilla\Firefox\Profiles\gn7ryp3k.default\prefs.js
- http://ip##fo.io/json
- http://jj###eaks.com/modules/ps_categorytree/img/icon/i/index.php
- DNS ASK ip##fo.io
- DNS ASK jj###eaks.com
- ClassName: 'Button' WindowName: ''