Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\netiohlp] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\netiohlp] 'ImagePath' = '"%WINDIR%\SysWOW64\netiohlp\netiohlp.exe"'
- 'netiohlp' "%WINDIR%\SysWOW64\netiohlp\netiohlp.exe"
- 'netiohlp' %WINDIR%\SysWOW64\netiohlp\netiohlp.exe
- из <Полный путь к файлу> в %WINDIR%\syswow64\netiohlp\netiohlp.exe
- '15#.#31.123.2':80
- '12#.#50.175.133':8080
- http://12#.###.175.133:8080/eDhBjn1YSEWtPEB/wF5x2pAICX1gMd/kW0qkqxBDZv6pxVmj/PbU5cQHFK/0AtA75gwp0hDejYB/tUrQpPMt9QF7Jyn/ via 12#.#50.175.133