Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'GTA5recoveryTools' = '%APPDATA%\Roaming\GTA5recoveryTools.exe'
- '%TEMP%\RECOVERY TOOL.EXE'
- '%APPDATA%\Roaming\GTA5recoveryTools.exe' /AutoIt3ExecuteScript "%TEMP%\531876" "%APPDATA%\Roaming\GTA5recoveryTools.exe"
- '%APPDATA%\Roaming\GTA5recoveryTools.exe'
- '<SYSTEM32>\taskmgr.exe'
- <SYSTEM32>\taskmgr.exe
- %TEMP%\112394
- %TEMP%\aut31D9.tmp
- %APPDATA%\Roaming\GTA5recoveryTools.exe
- %TEMP%\aut32C4.tmp
- %TEMP%\RECOVERY TOOL.EXE
- %TEMP%\531876
- %TEMP%\aut3341.tmp
- %TEMP%\autF853.tmp
- %TEMP%\372260
- %TEMP%\autF7B6.tmp
- %TEMP%\6MgT7CPJYK
- %TEMP%\672366
- %TEMP%\g34g34cc
- %TEMP%\autF8B2.tmp
- %TEMP%\aut3341.tmp
- %TEMP%\aut32C4.tmp
- %TEMP%\incl1
- %TEMP%\incl2
- %TEMP%\autF853.tmp
- %TEMP%\autF7B6.tmp
- %TEMP%\aut31D9.tmp
- %TEMP%\autF8B2.tmp
- %TEMP%\6MgT7CPJYK в %TEMP%\incl1
- %TEMP%\g34g34cc в %TEMP%\incl2
- DNS ASK dn#.##ftncsi.com
- DNS ASK ki#####n83.zapto.org
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''