Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\TermService] 'Start' = '00000002'
- %ProgramFiles%\terminalserver\logging\terminalserver.utf8.log
- %HOMEPATH%\ntuser
- %WINDIR%\temp\cprogram filesopera31.0.1889.174opera_autoupdate.download.lock
- %WINDIR%\temp\cprogram filesopera35.0.2066.92opera_autoupdate.download.lock
- %WINDIR%\temp\perflib_perfdata_4c4.dat
- %WINDIR%\temp\perflib_perfdata_568.dat
- %WINDIR%\temp\perflib_perfdata_6f0.dat
- %WINDIR%\temp\perflib_perfdata_740.dat
- %WINDIR%\temp\perflib_perfdata_748.dat
- %WINDIR%\temp\perflib_perfdata_760.dat
- %WINDIR%\temp\perflib_perfdata_8e0.dat
- %WINDIR%\temp\opera autoupdate\installer.exe
- '<SYSTEM32>\rundll32.exe' printui.dll,PrintUIEntry /dl /n "TerminalServer Printer" /q' (со скрытым окном)
- '<SYSTEM32>\rundll32.exe' printui.dll,PrintUIEntry /dl /n "TerminalServer Printer" /q
- '<SYSTEM32>\spoolsv.exe'
- '<SYSTEM32>\alg.exe'