Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'caci' = '<Полный путь к вирусу>'
- Диспетчера задач (Taskmgr)
- Средство контроля пользовательских учетных записей (UAC)
- '<IP-адрес в локальной сети>':9300
- 'localhost':9300
- ClassName: 'IEFrame' WindowName: '<WINDOWS_KILLER>'
- ClassName: 'IEFrame' WindowName: '<SYSTEM32>\cscript.exe'
- ClassName: 'IEFrame' WindowName: '<Служебное имя>1 (x32) - build Aug 25 2014'
- ClassName: 'IEFrame' WindowName: 'Control Internet'
- ClassName: 'IEFrame' WindowName: '<Служебное имя>'
- ClassName: 'IEFrame' WindowName: 'Tiny H-Pot v1.7'
- ClassName: 'IEFrame' WindowName: 'MS_WebcheckMonitor'
- ClassName: 'IEFrame' WindowName: 'Program Manager'
- ClassName: 'IEFrame' WindowName: 'Power Meter'
- <Служебный элемент>
- ClassName: 'IEFrame' WindowName: 'Connections Tray'
- ClassName: 'IEFrame' WindowName: 'Aviso del Administrador'
- ClassName: 'IEFrame' WindowName: 'CACI ver 8.3 Parental'
- ClassName: 'NDDEAgnt' WindowName: 'NetDDE Agent'
- ClassName: 'SBSolutions.CACI.4' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'IEFrame' WindowName: 'CiceroUIWndFrame'
- ClassName: 'IEFrame' WindowName: 'Opciones'
- ClassName: 'IEFrame' WindowName: 'Registro'
- ClassName: 'IEFrame' WindowName: 'Salir de CACI'
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'IEFrame' WindowName: 'TF_FloatingLangBar_WndTitle'