Техническая информация
- [<HKCU>\Control Panel\Desktop] 'SCRNSAVE.EXE' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Control\SecurityProviders] 'SecurityProviders' = 'msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, credssp.dll'
- [<HKLM>\SYSTEM\ControlSet001\Control\Lsa] 'Security Packages' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] 'DisableNotifications' = '00000001'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] 'EnableFirewall' = '00000000'
- Средство контроля пользовательских учетных записей (UAC)
- Центр обеспечения безопасности (Security Center)
- '<SYSTEM32>\regsvr32.exe' /s "%APPDATA%\RDP6\TSFTPClient.dll"
- %APPDATA%\RDP6\languk.ini
- %TEMP%\aut3.tmp
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- %APPDATA%\RDP6\TsCredentials.exe
- %TEMP%\aut3.tmp
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'