Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSSCOM] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- '%WINDIR%\winsys.exe'
- '<SYSTEM32>\winssco.exe'
- '<SYSTEM32>\net1.exe' start w32time
- '<SYSTEM32>\net1.exe' stop w32time
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\stin.bat
- '<SYSTEM32>\w32tm.exe' /resync
- '<SYSTEM32>\net1.exe' time /setsntp:time.tesekl.info
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\time.bat
- '<SYSTEM32>\net.exe' stop w32time
- '<SYSTEM32>\sc.exe' config w32time start= demand
- %WINDIR%\inf\oem3.inf
- %WINDIR%\stin.bat
- %WINDIR%\inf\oem3.PNF
- <DRIVERS>\SET3.tmp
- %WINDIR%\inf\INFCACHE.0
- %WINDIR%\time.bat
- <SYSTEM32>\winssco.exe
- %WINDIR%\winsys.exe
- %WINDIR%\winyyy.sys
- %WINDIR%\winsys.inf
- %WINDIR%\stin.bat
- <SYSTEM32>\PerfStringBackup.TMP
- из %WINDIR%\inf\INFCACHE.2 в %WINDIR%\inf\OLDCACHE.000
- из %WINDIR%\inf\INFCACHE.1 в %WINDIR%\inf\INFCACHE.2
- из <DRIVERS>\SET3.tmp в <DRIVERS>\winyyy.sys
- DNS ASK ti##.#esekl.info
- '<IP-адрес в локальной сети>':123 (порт 123 — стандартный порт NTP)
- 'ti##.#esekl.info':123