Техническая информация
- [<HKLM>\SOFTWARE\Classes\vtxfile\Shell\open\command] '' = '%ProgramFiles%\Internet Explorer\minftnet.exe %1'
- %TEMP%\RarSFX0\7a48f2e2f5ae45f5be9bb16db84f106d.exe
- %ProgramFiles%\Internet Explorer\minftnet.exe
- %ProgramFiles%\Internet Explorer\minftnet.ini
- %TEMP%\RarSFX0\7a48f2e2f5ae45f5be9bb16db84f106d.exe
- 'localhost':1037
- 'ca####-impots.com':80
- http://www.ca####-impots.com/acces_service_minitel.php via ca####-impots.com
- DNS ASK www.ca####-impots.com
- ClassName: 'EDIT' WindowName: ''
- ClassName: '' WindowName: 'EoEngine'
- ClassName: 'TformTeaTimer' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- '%TEMP%\RarSFX0\7a48f2e2f5ae45f5be9bb16db84f106d.exe'
- '<SYSTEM32>\rundll32.exe' url.dll,FileProtocolHandler http://www.ca####-impots.com/acces_service_minitel.php
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' -nohome