Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\yictdf] 'Start' = '00000002'
- %CommonProgramFiles%\bibieru\yictdf.exe
- <SYSTEM32>\calc.exe
- <SYSTEM32>\calc.exe
- %CommonProgramFiles%\bibieru\yictdf.exe
- %CommonProgramFiles%\bibieru\tgroyj.exe
- %CommonProgramFiles%\bibieru\winda.ini
- %CommonProgramFiles%\bibieru\winda.ini
- 'xi####4.3322.org':7887
- DNS ASK xi####4.3322.org
- ClassName: 'MS_WINHELP' WindowName: ''