Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'cmdd' = '%CommonProgramFiles%\system32\cmdd.exe'
- ClassName: 'FileMonClass' WindowName: ''
- ClassName: 'OLLYDBG' WindowName: ''
- %CommonProgramFiles%\safemode
- 'www.ju####ende.gov.ar':80
- '72.##.88.245':80
- www.ju####ende.gov.ar/images/2009/02/11.jpg
- 72.##.88.245/clientes.php
- DNS ASK www.ju####ende.gov.ar
- '<IP-адрес в локальной сети>':1035