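Техническая информация
Примечание: символы «#» в адресах, доменах и URL ниже, по-видимому, скрывают часть значения; такие строки не следует использовать как точные индикаторы без сверки с первоисточником.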
- Автозапуск через ключ реестра Run: [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'systemup' = '"%WINDIR%\systemup.exe" stand'
- %WINDIR%\systemup.exe stand
- <SYSTEM32>\netstat.exe -ano
- <SYSTEM32>\taskkill.exe /F /IM systemup.exe
- %WINDIR%\systemup.exe
- '25#.#55.255.255':8080
- '93.##8.134.11':80
- 'su####arsinfo.net':80
- '19#.0.6.135':43
- su####arsinfo.net/distrib_serv/ip_list.php
- 93.##8.134.11/bar/firefox/YandexBar.xpi
- su####arsinfo.net/udp/getip.php
- su####arsinfo.net/udp/knock.php?si#######################
- DNS ASK su####arsinfo.net
- DNS ASK do####ad.yandex.ru
- DNS ASK yandex.ru
- '<IP-адрес в локальной сети>':1036
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: '' WindowName: ''