Техническая информация
- [<HKLM>\Software\Classes\vtxfile\Shell\open\command] '' = '%ProgramFiles(x86)%\Internet Explorer\minftnet.exe %1'
- '%ProgramFiles(x86)%\internet explorer\iexplore.exe' http://www.ne####tisations.fr/net-cotisations-acces.php
- %TEMP%\rarsfx0\synertel_ie.exe
- %TEMP%\installation.exe
- %TEMP%\rarsfx1\instal.exe
- %TEMP%\rarsfx1\minftnet.exe
- %TEMP%\rarsfx1\minftnet.ini
- %ProgramFiles(x86)%\internet explorer\minftnet.exe
- %ProgramFiles(x86)%\internet explorer\minftnet.ini
- %APPDATA%\icone\net_cotisations.ico
- %HOMEPATH%\desktop\net cotisatons.lnk
- %APPDATA%\microsoft\windows\start menu\net cotisatons.lnk
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\net cotisatons.lnk
- %APPDATA%\microsoft\internet explorer\quick launch\net cotisatons.lnk
- %TEMP%\rarsfx1\instal.exe
- %TEMP%\rarsfx1\minftnet.exe
- %TEMP%\rarsfx1\minftnet.ini
- %TEMP%\rarsfx0\synertel_ie.exe
- DNS ASK ne####tisations.fr
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'CFenetre' WindowName: 'FenГЄtre provisoire qu\on ne devrait pas voir !'
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%TEMP%\rarsfx0\synertel_ie.exe'
- '%TEMP%\installation.exe'
- '%TEMP%\rarsfx1\instal.exe'
- '%WINDIR%\syswow64\cmd.exe' /c %TEMP%\installation.exe
- '%WINDIR%\syswow64\cmd.exe' /c start /MAX iexplore http://www.ne####tisations.fr/net-cotisations-acces.php