Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Sahara] 'ImagePath' = 'system32\drivers\Sahara.sys'
- [<HKLM>\SYSTEM\ControlSet001\Services\Sahara] 'Start' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\Sidney] 'ImagePath' = 'system32\drivers\Sidney.sys'
- [<HKLM>\SYSTEM\ControlSet001\Services\Sidney] 'Start' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\Scarlet] 'ImagePath' = 'system32\drivers\Scarlet.sys'
- [<HKLM>\SYSTEM\ControlSet001\Services\Scarlet] 'Start' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\Salvador] 'ImagePath' = 'system32\drivers\Salvador.sys'
- [<HKLM>\SYSTEM\ControlSet001\Services\Salvador] 'Start' = '00000000'
- <DRIVERS>\Sahara.sys
- <DRIVERS>\Sidney.sys
- %ProgramFiles%\GuardianEdge\GuardianEdge Device Control Client\<Имя файла>.wav
- %TEMP%\~DF5FCA.tmp
- <DRIVERS>\Scarlet.sys
- <DRIVERS>\Salvador.sys
- ClassName: '' WindowName: 'GuardianEdge Device Control - Offline Access Utility'