Техническая информация
- [<HKLM>\SYSTEM\ControlSet003\Services\systimeing] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\systimeing] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\systimeing] 'Start' = '00000002'
- C:\OATH.EXE
- <SYSTEM32>\net1.exe start Spooler
- <SYSTEM32>\spoolsv.exe
- <SYSTEM32>\svchost.exe -k systimeing
- <SYSTEM32>\net.exe stop Spooler
- <SYSTEM32>\net1.exe stop Spooler
- <SYSTEM32>\systimeing.dll
- C:\OATH.EXE
- C:\OATH.EXE
- 'fk###.3322.org':3030
- DNS ASK fk###.3322.org