TROJ_DLOADER.ZA
Windows 2000, Windows XP, Windows Server 2003
Threat Type:
Trojan
Destructiveness:
No
Encrypted:
In the wild::
Yes
OVERVIEW
Elimina archivos para impedir la ejecución correcta de programas y aplicaciones.
TECHNICAL DETAILS
Instalación
Crea las carpetas siguientes:
- %User Temp%\is-5POVM.tmp
- %User Temp%\is-A8UHB.tmp
- %User Temp%\is-A8UHB.tmp\_isetup
- %Program Files%\WinSCP
- %Program Files%\WinSCP\PuTTY
- %Start Menu%\Programs\WinSCP
- %Start Menu%\Programs\WinSCP\Key tools
(Nota: %User Temp% es la carpeta Temp del usuario activo, que en el caso de Windows 2000, XP y Server 2003 suele estar en C:\Documents and Settings\{nombre de usuario}\Local Settings\Temp).
. %Program Files% es la carpeta Archivos de programa predeterminada, que suele estar en C:\Archivos de programa).. %Start Menu% es la carpeta Menú Inicio del usuario activo, que en el caso de Windows 98 y ME suele estar ubicada en C:\Windows\Profiles\{nombre de usuario}\Menú Inicio, en el caso de Windows NT en C:\WINNT\Profiles\{nombre de usuario}\Menú Inicio y en el caso de Windows 2000, XP y Server 2003 en C:\Documents and Settings\{nombre de usuario}\Menú Inicio).)Otras modificaciones del sistema
Elimina los archivos siguientes:
- %Start Menu%\Programs\WinSCP\WinSCP.pif
- %Start Menu%\Programs\WinSCP\WinSCP.url
- %Start Menu%\Programs\WinSCP\WinSCP Web Site.lnk
- %Start Menu%\Programs\WinSCP\WinSCP Web Site.pif
- %Start Menu%\Programs\WinSCP\Support forum.lnk
- %Start Menu%\Programs\WinSCP\Support forum.pif
- %Start Menu%\Programs\WinSCP\Documentation.lnk
- %Start Menu%\Programs\WinSCP\Documentation.pif
- %Start Menu%\Programs\WinSCP\Key tools\PuTTYgen.pif
- %Start Menu%\Programs\WinSCP\Key tools\PuTTYgen.url
- %Start Menu%\Programs\WinSCP\Key tools\PuTTYgen Manual.pif
- %Start Menu%\Programs\WinSCP\Key tools\PuTTYgen Manual.url
- %Start Menu%\Programs\WinSCP\Key tools\Pageant.pif
- %Start Menu%\Programs\WinSCP\Key tools\Pageant.url
- %Start Menu%\Programs\WinSCP\Key tools\Pageant Manual.pif
- %Start Menu%\Programs\WinSCP\Key tools\Pageant Manual.url
- %Start Menu%\Programs\WinSCP\Key tools\PuTTY Web Site.lnk
- %Start Menu%\Programs\WinSCP\Key tools\PuTTY Web Site.pif
- %Desktop%\WinSCP.pif
- %Desktop%\WinSCP.url
- %User Profile%\SendTo\WinSCP (for upload).pif
- %User Profile%\SendTo\WinSCP (for upload).url
(Nota: %Start Menu% es la carpeta Menú Inicio del usuario activo, que en el caso de Windows 98 y ME suele estar ubicada en C:\Windows\Profiles\{nombre de usuario}\Menú Inicio, en el caso de Windows NT en C:\WINNT\Profiles\{nombre de usuario}\Menú Inicio y en el caso de Windows 2000, XP y Server 2003 en C:\Documents and Settings\{nombre de usuario}\Menú Inicio).
. %Desktop% es la carpeta Escritorio del usuario activo, que en el caso de Windows 98 y ME suele estar en C:\Windows\Profiles\{nombre de usuario}\Escritorio, en el caso de Windows NT en C:\WINNT\Profiles\{nombre de usuario}\Escritorio y en el caso de Windows 2000, XP y Server 2003 en C:\Documents and Settings\{nombre de usuario}\Escritorio).. %User Profile% es la carpeta de perfil del usuario activo, que en el caso de Windows 98 y ME suele estar en C:\Windows\Profiles\{nombre de usuario}, en el caso de Windows NT en C:\WINNT\Profiles\{nombre de usuario} y en el caso de Windows 2000, XP y Server 2003 en C:\Documents and Settings\{nombre de usuario}).)Agrega las siguientes entradas de registro como parte de la rutina de instalación:
HKEY_CURRENT_USER\Software\Martin Prikryl
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
HKEY_LOCAL_MACHINE\Software\Martin Prikryl\
WinSCP 2
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Updates
HKEY_LOCAL_MACHINE\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E15E1D68-0D1C-49F7-BEB8-812B1E00FA60}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E15E1D68-0D1C-49F7-BEB8-812B1E00FA60}\InProcServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
directory\shellex\CopyHookHandlers\
WinSCPCopyHook
HKEY_LOCAL_MACHINE\Software\Martin Prikryl\
WinSCP 2\DragExt
HKEY_CLASSES_ROOT\SCP
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SCP\DefaultIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SCP\shell
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SCP\shell\open
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SCP\shell\open\
command
HKEY_CLASSES_ROOT\SFTP
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SFTP\DefaultIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SFTP\shell
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SFTP\shell\open
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SFTP\shell\open\
command
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Logging
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
NewDirectory
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
SynchronizeChecklist
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
FindFile
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
ConsoleWin
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\History
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\HistoryParams
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
QueueView
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Explorer
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander\LocalPanel
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander\RemotePanel
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Security
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Bookmarks
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Bookmarks\
Local
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Bookmarks\
Remote
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Bookmarks\
ShortCuts
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Bookmarks\
Options
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor\0
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor\1
Agrega las siguientes entradas de registro:
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
Interface = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\Martin Prikryl\
WinSCP 2
DefaultInterfaceInterface = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
ShowAdvancedLoginOptions = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\Martin Prikryl\
WinSCP 2
DefaultInterfaceShowAdvancedLoginOptions = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
DDExtEnabled = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Updates
Period = "7"
HKEY_LOCAL_MACHINE\SOFTWARE\Martin Prikryl\
WinSCP 2
DefaultUpdatesPeriod = "7"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
Inno Setup: Setup Version = "5.2.3"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
Inno Setup: App Path = "%Program Files%\WinSCP"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
InstallLocation = "%Program Files%\WinSCP"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
Inno Setup: Icon Group = "WinSCP"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
Inno Setup: User = "Wilbert"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
Inno Setup: Setup Type = "full"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
Inno Setup: Selected Components = "main,shellext,pageant,puttygen,transl,transl\eng"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
Inno Setup: Deselected Components = "{random characters}"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
Inno Setup: Selected Tasks = "enableupdates,desktopicon,desktopicon\user,sendtohook,urlhandler"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
Inno Setup: Deselected Tasks = "desktopicon\common,quicklaunchicon,searchpath"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
DisplayName = "WinSCP 4.2.5"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
DisplayIcon = "%Program Files%\WinSCP\WinSCP.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
UninstallString = "%Program Files%\WinSCP\unins000.exe "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
QuietUninstallString = "%Program Files%\WinSCP\unins000.exe /SILENT"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
DisplayVersion = "4.2.5"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
Publisher = "Martin Prikryl"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
URLInfoAbout = "http://{BLOCKED}p.net"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
HelpLink = "http://{BLOCKED}p.net/forum"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
URLUpdateInfo = "http://{BLOCKED}p.net/eng/download.php"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
NoModify = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
NoRepair = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
InstallDate = "20140330"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
Inno Setup CodeFile: SetupType = "custom"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E15E1D68-0D1C-49F7-BEB8-812B1E00FA60}\InProcServer32
ThreadingModel = "Apartment"
HKEY_LOCAL_MACHINE\SOFTWARE\Martin Prikryl\
WinSCP 2\DragExt
Enable = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SCP
EditFlags = "2"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SCP
BrowserFlags = "8"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SFTP
EditFlags = "2"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SFTP
BrowserFlags = "8"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
RandomSeedFile = "%25APPDATA%25%5Cwinscp.rnd"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
PuttyRegistryStorageKey = "Software%5CSimonTatham%5CPuTTY"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
ConfirmOverwriting = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
ConfirmResume = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
AutoReadDirectoryAfterOp = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
SessionReopenAuto = "1388"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
SessionReopenBackground = "7d"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
SessionReopenTimeout = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
TunnelLocalPortNumberLow = "c35"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
TunnelLocalPortNumberHigh = "c3b3"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
CacheDirectoryChangesMaxSize = "64"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
ShowFtpWelcomeMessage = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Logging
Logging = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Logging
LogFileAppend = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Logging
LogWindowLines = "64"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Logging
LogProtocol = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Logging
LogActions = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
ContinueOnError = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
ConfirmCommandSession = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
SynchronizeParams = "42"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
SynchronizeOptions = "5"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
SynchronizeModeAuto = "ffffffff"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
SynchronizeMode = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
MaxWatchDirectories = "1f4"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
QueueTransfersLimit = "2"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
QueueAutoPopup = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
QueueRememberPassword = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
PuttySession = "WinSCP%20temporary%20session"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
PuttyPath = "%25PROGRAMFILES%25%5CPuTTY%5Cputty.exe"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
PuttyPassword = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
TelnetForFtpInPutty = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
IgnoreCancelBeforeFinish = "{random values}"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
BeepOnFinish = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
BeepOnFinishAfter = "{random values}"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
SynchronizeBrowsing = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
KeepUpToDateChangeDelay = "1f4"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
ChecksumAlg = "md5"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
SessionReopenAutoIdle = "1388"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
AddXToDirectories = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
Masks = "{random characters}"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
FileNameCase = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
PreserveReadOnly = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
PreserveTime = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
PreserveRights = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
IgnorePermErrors = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
Text = "rw-r--r--"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
TransferMode = "2"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
ResumeSupport = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
ResumeThreshold = "{random values}"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
ReplaceInvalidChars = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
LocalInvalidChars = "/%5%System Root%%2A%3F"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
CalculateSize = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
NegativeExclude = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
ClearArchive = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
CPSLimit = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
Queue = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
QueueNoConfirmation = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
QueueIndividually = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
NewerOnly = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
CopyParam
CopyParamList = "ffffffff"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
NewDirectory
Valid = "{random values}"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
ConfirmExitOnCompletion = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Logging
LogView = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
SynchronizeChecklist
WindowParams = "0;-1;-1;600;450;0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
SynchronizeChecklist
ListParams = "1;1150,1;100,1;80,1;130,1;25,1;100,1;80,1;130,10;1;2;3;4;5;6;7"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
FindFile
WindowParams = "646,481"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
FindFile
ListParams = "3;1125,1;181,1;80,1;122,10;1;2;3"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
ConsoleWin
WindowSize = "570,430"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
CopyOnDoubleClick = "2"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
CopyOnDoubleClickConfirmation = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
DDAllowMove = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
DDAllowMoveInit = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
DDTransferConfirmation = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
DDWarnLackOfTempSpace = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
DDWarnLackOfTempSpaceRatio = "{random values}"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
DeleteToRecycleBin = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
DimmHiddenFiles = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
RenameWholeName = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
SelectDirectories = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
SelectMask = "%2A.%2A"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
ShowHiddenFiles = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
ShowInaccesibleDirectories = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
ConfirmTransferring = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
ConfirmDeleting = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
ConfirmRecycling = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
ConfirmClosingSession = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
UseLocationProfiles = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
UseSharedBookmarks = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
LocaleSafe = "49"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
DDExtTimeout = "3e8"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
DefaultDirIsHome = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
TemporaryDirectoryAppendSession = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
TemporaryDirectoryAppendPath = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
TemporaryDirectoryCleanup = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
ConfirmTemporaryDirectoryCleanup = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
PreservePanelState = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
Theme = "OfficeXP"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
PathInCaption = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
MinimizeToTray = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
BalloonNotifications = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
NotificationsTimeout = "a"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
NotificationsStickTime = "2"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
CopyParamAutoSelectNotice = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
SessionToolbarAutoShown = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
LockToolbars = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
AutoOpenInPutty = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
LastMonitor = "ffffffff"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface
VersionHistory = "40205624,stable"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor
FontName = "Courier%20New"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor
FontHeight = "fffffff4"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor
FontStyle = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor
FontCharset = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor
WordWrap = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor
FindMatchCase = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor
FindWholeWord = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor
FindDown = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor
TabSize = "7"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor
MaxEditors = "1f4"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor
EarlyClose = "2"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor
SDIShellEditor = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
QueueView
Height = "64"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
QueueView
Layout = "70,160,160,80,80,80"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
QueueView
Show = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
QueueView
LastHideShow = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
QueueView
ToolBar = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Updates
LastCheck = "{random values}"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Updates
HaveResults = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Updates
ShownResults = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Updates
BetaVersions = "2"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Updates
ConnectionType = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Updates
ProxyPort = "1f9"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Updates
ForVersion = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Updates
Version = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Updates
Critical = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Updates
Disabled = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Explorer
ToolbarsLayout = "{random characters}"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Explorer
DirViewParams = "0;1;0150,1;70,1;101,1;79,1;62,1;55,1;20,0;150,0;125,00;1;8;2;3;4;5;6;7"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Explorer
LastLocalTargetDirectory = "%System Root%%5CDocuments%20and%20Settings%5CWilbert%5CMy%20Documents"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Explorer
StatusBar = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Explorer
WindowParams = "-1;-1;600;400;0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Explorer
ViewStyle = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Explorer
ShowFullAddress = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Explorer
DriveView = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Explorer
DriveViewWidth = "b4"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander
CurrentPanel = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander
LocalPanelWidth = "{random values}"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander
SwappedPanels = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander
StatusBar = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander
WindowParams = "-1;-1;600;400;0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander
ExplorerStyleSelection = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander
PreserveLocalDirectory = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander
CompareByTime = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander
CompareBySize = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander
FullRowSelect = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander
TreeOnLeft = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander\LocalPanel
DirViewParams = "0;1;0150,1;70,1;101,1;79,1;62,1;55,00;1;2;3;4;5"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander\LocalPanel
StatusBar = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander\LocalPanel
DriveView = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander\LocalPanel
DriveViewHeight = "64"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander\LocalPanel
DriveViewWidth = "64"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander\RemotePanel
DirViewParams = "0;1;0150,1;70,1;101,1;79,1;62,1;55,0;20,0;150,0;125,00;1;8;2;3;4;5;6;7"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander\RemotePanel
StatusBar = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander\RemotePanel
DriveView = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander\RemotePanel
DriveViewHeight = "64"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Commander\RemotePanel
DriveViewWidth = "64"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Logging
LogWindowOnStartup = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Logging
LogWindowParams = "-1;-1;500;400"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Security
UseMasterPassword = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor\0
FileMask = "%2A.%2A"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor\0
Editor = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor\0
ExternalEditorText = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor\0
SDIExternalEditor = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor\0
DetectMDIExternalEditor = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor\1
FileMask = "%2A.%2A"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor\1
Editor = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor\1
ExternalEditor = "notepad.exe"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor\1
ExternalEditorText = "1"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor\1
SDIExternalEditor = "0"
HKEY_CURRENT_USER\Software\Martin Prikryl\
WinSCP 2\Configuration\Interface\
Editor\1
DetectMDIExternalEditor = "0"
Modifica las siguientes entradas de registro:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
DirectDraw\MostRecentApplication
Name = "iexplore.exe"
(Note: The default value data of the said registry entry is iexplore.exe.)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
DirectDraw\MostRecentApplication
ID = "4117b81"
(Note: The default value data of the said registry entry is 41107b81.)
Elimina las siguientes claves de registro:
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
winscp3_is1
Rutina de infiltración
Infiltra los archivos siguientes:
- %User Temp%\is-5povm.tmp\{malware file name}.tmp
- %User Temp%\is-A8UHB.tmp\_isetup\_RegDLL.tmp
- %User Temp%\is-A8UHB.tmp\_isetup\_shfoldr.dll
- %User Temp%\is-A8UHB.tmp\OCSetupHlp.dll
- %Program Files%\WinSCP\unins000.dat
- %Program Files%\WinSCP\is-VLP8F.tmp
- %Program Files%\WinSCP\is-B3TB7.tmp
- %Program Files%\WinSCP\is-87I57.tmp
- %Program Files%\WinSCP\is-TV44J.tmp
- %Program Files%\WinSCP\is-QKNJJ.tmp
- %Program Files%\WinSCP\is-9Q0PU.tmp
- %Program Files%\WinSCP\PuTTY\is-BLU1T.tmp
- %Program Files%\WinSCP\PuTTY\is-UP4J0.tmp
- %Program Files%\WinSCP\PuTTY\is-0GIMO.tmp
- %Program Files%\WinSCP\PuTTY\is-K14GO.tmp
- %Start Menu%\Programs\WinSCP\WinSCP.lnk
- %Start Menu%\Programs\WinSCP\WinSCP Web Site.url
- %Start Menu%\Programs\WinSCP\Support forum.url
- %Start Menu%\Programs\WinSCP\Documentation.url
- %Start Menu%\Programs\WinSCP\Key tools\PuTTYgen.lnk
- %Start Menu%\Programs\WinSCP\Key tools\PuTTYgen Manual.lnk
- %Start Menu%\Programs\WinSCP\Key tools\Pageant.lnk
- %Start Menu%\Programs\WinSCP\Key tools\Pageant Manual.lnk
- %Start Menu%\Programs\WinSCP\Key tools\PuTTY Web Site.url
- %Desktop%\WinSCP.lnk
- %User Profile%\SendTo\WinSCP (for upload).lnk
- %User Profile%\Application Data\winscp.rnd
(Nota: %User Temp% es la carpeta Temp del usuario activo, que en el caso de Windows 2000, XP y Server 2003 suele estar en C:\Documents and Settings\{nombre de usuario}\Local Settings\Temp).
. %Program Files% es la carpeta Archivos de programa predeterminada, que suele estar en C:\Archivos de programa).. %Start Menu% es la carpeta Menú Inicio del usuario activo, que en el caso de Windows 98 y ME suele estar ubicada en C:\Windows\Profiles\{nombre de usuario}\Menú Inicio, en el caso de Windows NT en C:\WINNT\Profiles\{nombre de usuario}\Menú Inicio y en el caso de Windows 2000, XP y Server 2003 en C:\Documents and Settings\{nombre de usuario}\Menú Inicio).. %Desktop% es la carpeta Escritorio del usuario activo, que en el caso de Windows 98 y ME suele estar en C:\Windows\Profiles\{nombre de usuario}\Escritorio, en el caso de Windows NT en C:\WINNT\Profiles\{nombre de usuario}\Escritorio y en el caso de Windows 2000, XP y Server 2003 en C:\Documents and Settings\{nombre de usuario}\Escritorio).. %User Profile% es la carpeta de perfil del usuario activo, que en el caso de Windows 98 y ME suele estar en C:\Windows\Profiles\{nombre de usuario}, en el caso de Windows NT en C:\WINNT\Profiles\{nombre de usuario} y en el caso de Windows 2000, XP y Server 2003 en C:\Documents and Settings\{nombre de usuario}).)
SOLUTION
Step 1
Los usuarios de Windows ME y XP, antes de llevar a cabo cualquier exploración, deben comprobar que tienen desactivada la opción Restaurar sistema para permitir la exploración completa del equipo.
Step 2
Eliminar esta clave del Registro
Importante: si modifica el Registro de Windows incorrectamente, podría hacer que el sistema funcione mal de manera irreversible. Lleve a cabo este paso solo si sabe cómo hacerlo o si puede contar con ayuda de su administrador del sistema. De lo contrario, lea este artículo de Microsoft antes de modificar el Registro del equipo.
- In HKEY_CURRENT_USER\Software
- Martin Prikryl
- In HKEY_CURRENT_USER\Software\Martin Prikryl
- WinSCP 2
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration
- Interface
- In HKEY_LOCAL_MACHINE\Software\Martin Prikryl
- WinSCP 2
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- Updates
- In HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall
- winscp3_is1
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID
- {E15E1D68-0D1C-49F7-BEB8-812B1E00FA60}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E15E1D68-0D1C-49F7-BEB8-812B1E00FA60}
- InProcServer32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\directory\shellex\CopyHookHandlers
- WinSCPCopyHook
- In HKEY_LOCAL_MACHINE\Software\Martin Prikryl\WinSCP 2
- DragExt
- In HKEY_CLASSES_ROOT
- SCP
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SCP
- DefaultIcon
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SCP
- shell
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SCP\shell
- open
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SCP\shell\open
- command
- In HKEY_CLASSES_ROOT
- SFTP
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SFTP
- DefaultIcon
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SFTP
- shell
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SFTP\shell
- open
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SFTP\shell\open
- command
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration
- Logging
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- CopyParam
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- NewDirectory
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- SynchronizeChecklist
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- FindFile
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- ConsoleWin
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration
- History
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration
- HistoryParams
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- Editor
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- QueueView
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- Explorer
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- Commander
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander
- LocalPanel
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander
- RemotePanel
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration
- Security
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration
- Bookmarks
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Bookmarks
- Local
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Bookmarks
- Remote
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Bookmarks
- ShortCuts
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Bookmarks
- Options
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor
- 0
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor
- 1
Step 3
Eliminar este valor del Registro
Importante: si modifica el Registro de Windows incorrectamente, podría hacer que el sistema funcione mal de manera irreversible. Lleve a cabo este paso solo si sabe cómo hacerlo o si puede contar con ayuda de su administrador del sistema. De lo contrario, lea este artículo de Microsoft antes de modificar el Registro del equipo.
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- Interface = "0"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Martin Prikryl\WinSCP 2
- DefaultInterfaceInterface = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- ShowAdvancedLoginOptions = "0"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Martin Prikryl\WinSCP 2
- DefaultInterfaceShowAdvancedLoginOptions = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- DDExtEnabled = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Updates
- Period = "7"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Martin Prikryl\WinSCP 2
- DefaultUpdatesPeriod = "7"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- Inno Setup: Setup Version = "5.2.3"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- Inno Setup: App Path = "%Program Files%\WinSCP"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- InstallLocation = "%Program Files%\WinSCP"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- Inno Setup: Icon Group = "WinSCP"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- Inno Setup: User = "Wilbert"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- Inno Setup: Setup Type = "full"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- Inno Setup: Selected Components = "main,shellext,pageant,puttygen,transl,transl\eng"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- Inno Setup: Deselected Components = "{random characters}"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- Inno Setup: Selected Tasks = "enableupdates,desktopicon,desktopicon\user,sendtohook,urlhandler"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- Inno Setup: Deselected Tasks = "desktopicon\common,quicklaunchicon,searchpath"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- DisplayName = "WinSCP 4.2.5"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- DisplayIcon = "%Program Files%\WinSCP\WinSCP.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- UninstallString = "%Program Files%\WinSCP\unins000.exe "
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- QuietUninstallString = "%Program Files%\WinSCP\unins000.exe /SILENT"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- DisplayVersion = "4.2.5"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- Publisher = "Martin Prikryl"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- URLInfoAbout = "http://{BLOCKED}p.net"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- HelpLink = "http://{BLOCKED}p.net/forum"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- URLUpdateInfo = "http://{BLOCKED}p.net/eng/download.php"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- NoModify = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- NoRepair = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- InstallDate = "20140330"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1
- Inno Setup CodeFile: SetupType = "custom"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E15E1D68-0D1C-49F7-BEB8-812B1E00FA60}\InProcServer32
- ThreadingModel = "Apartment"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Martin Prikryl\WinSCP 2\DragExt
- Enable = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SCP
- EditFlags = "2"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SCP
- BrowserFlags = "8"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SFTP
- EditFlags = "2"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SFTP
- BrowserFlags = "8"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- RandomSeedFile = "%25APPDATA%25%5Cwinscp.rnd"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- PuttyRegistryStorageKey = "Software%5CSimonTatham%5CPuTTY"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- ConfirmOverwriting = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- ConfirmResume = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- AutoReadDirectoryAfterOp = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- SessionReopenAuto = "1388"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- SessionReopenBackground = "7d"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- SessionReopenTimeout = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- TunnelLocalPortNumberLow = "c35"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- TunnelLocalPortNumberHigh = "c3b3"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- CacheDirectoryChangesMaxSize = "64"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- ShowFtpWelcomeMessage = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Logging
- Logging = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Logging
- LogFileAppend = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Logging
- LogWindowLines = "64"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Logging
- LogProtocol = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Logging
- LogActions = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- ContinueOnError = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- ConfirmCommandSession = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- SynchronizeParams = "42"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- SynchronizeOptions = "5"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- SynchronizeModeAuto = "ffffffff"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- SynchronizeMode = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- MaxWatchDirectories = "1f4"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- QueueTransfersLimit = "2"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- QueueAutoPopup = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- QueueRememberPassword = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- PuttySession = "WinSCP%20temporary%20session"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- PuttyPath = "%25PROGRAMFILES%25%5CPuTTY%5Cputty.exe"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- PuttyPassword = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- TelnetForFtpInPutty = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- IgnoreCancelBeforeFinish = "{random values}"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- BeepOnFinish = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- BeepOnFinishAfter = "{random values}"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- SynchronizeBrowsing = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- KeepUpToDateChangeDelay = "1f4"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- ChecksumAlg = "md5"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- SessionReopenAutoIdle = "1388"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- AddXToDirectories = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- Masks = "{random characters}"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- FileNameCase = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- PreserveReadOnly = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- PreserveTime = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- PreserveRights = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- IgnorePermErrors = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- Text = "rw-r--r--"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- TransferMode = "2"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- ResumeSupport = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- ResumeThreshold = "{random values}"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- ReplaceInvalidChars = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- LocalInvalidChars = "/%5%System Root%%2A%3F"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- CalculateSize = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- NegativeExclude = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- ClearArchive = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- CPSLimit = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- Queue = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- QueueNoConfirmation = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- QueueIndividually = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- NewerOnly = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\CopyParam
- CopyParamList = "ffffffff"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\NewDirectory
- Valid = "{random values}"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- ConfirmExitOnCompletion = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Logging
- LogView = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\SynchronizeChecklist
- WindowParams = "0;-1;-1;600;450;0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\SynchronizeChecklist
- ListParams = "1;1150,1;100,1;80,1;130,1;25,1;100,1;80,1;130,10;1;2;3;4;5;6;7"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\FindFile
- WindowParams = "646,481"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\FindFile
- ListParams = "3;1125,1;181,1;80,1;122,10;1;2;3"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\ConsoleWin
- WindowSize = "570,430"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- CopyOnDoubleClick = "2"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- CopyOnDoubleClickConfirmation = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- DDAllowMove = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- DDAllowMoveInit = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- DDTransferConfirmation = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- DDWarnLackOfTempSpace = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- DDWarnLackOfTempSpaceRatio = "{random values}"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- DeleteToRecycleBin = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- DimmHiddenFiles = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- RenameWholeName = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- SelectDirectories = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- SelectMask = "%2A.%2A"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- ShowHiddenFiles = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- ShowInaccesibleDirectories = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- ConfirmTransferring = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- ConfirmDeleting = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- ConfirmRecycling = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- ConfirmClosingSession = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- UseLocationProfiles = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- UseSharedBookmarks = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- LocaleSafe = "49"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- DDExtTimeout = "3e8"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- DefaultDirIsHome = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- TemporaryDirectoryAppendSession = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- TemporaryDirectoryAppendPath = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- TemporaryDirectoryCleanup = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- ConfirmTemporaryDirectoryCleanup = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- PreservePanelState = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- Theme = "OfficeXP"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- PathInCaption = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- MinimizeToTray = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- BalloonNotifications = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- NotificationsTimeout = "a"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- NotificationsStickTime = "2"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- CopyParamAutoSelectNotice = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- SessionToolbarAutoShown = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- LockToolbars = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- AutoOpenInPutty = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- LastMonitor = "ffffffff"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface
- VersionHistory = "40205624,stable"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor
- FontName = "Courier%20New"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor
- FontHeight = "fffffff4"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor
- FontStyle = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor
- FontCharset = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor
- WordWrap = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor
- FindMatchCase = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor
- FindWholeWord = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor
- FindDown = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor
- TabSize = "7"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor
- MaxEditors = "1f4"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor
- EarlyClose = "2"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor
- SDIShellEditor = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\QueueView
- Height = "64"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\QueueView
- Layout = "70,160,160,80,80,80"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\QueueView
- Show = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\QueueView
- LastHideShow = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\QueueView
- ToolBar = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Updates
- LastCheck = "{random values}"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Updates
- HaveResults = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Updates
- ShownResults = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Updates
- BetaVersions = "2"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Updates
- ConnectionType = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Updates
- ProxyPort = "1f9"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Updates
- ForVersion = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Updates
- Version = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Updates
- Critical = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Updates
- Disabled = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Explorer
- ToolbarsLayout = "{random characters}"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Explorer
- DirViewParams = "0;1;0150,1;70,1;101,1;79,1;62,1;55,1;20,0;150,0;125,00;1;8;2;3;4;5;6;7"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Explorer
- LastLocalTargetDirectory = "%System Root%%5CDocuments%20and%20Settings%5CWilbert%5CMy%20Documents"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Explorer
- StatusBar = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Explorer
- WindowParams = "-1;-1;600;400;0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Explorer
- ViewStyle = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Explorer
- ShowFullAddress = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Explorer
- DriveView = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Explorer
- DriveViewWidth = "b4"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander
- CurrentPanel = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander
- LocalPanelWidth = "{random values}"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander
- SwappedPanels = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander
- StatusBar = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander
- WindowParams = "-1;-1;600;400;0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander
- ExplorerStyleSelection = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander
- PreserveLocalDirectory = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander
- CompareByTime = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander
- CompareBySize = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander
- FullRowSelect = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander
- TreeOnLeft = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander\LocalPanel
- DirViewParams = "0;1;0150,1;70,1;101,1;79,1;62,1;55,00;1;2;3;4;5"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander\LocalPanel
- StatusBar = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander\LocalPanel
- DriveView = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander\LocalPanel
- DriveViewHeight = "64"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander\LocalPanel
- DriveViewWidth = "64"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander\RemotePanel
- DirViewParams = "0;1;0150,1;70,1;101,1;79,1;62,1;55,0;20,0;150,0;125,00;1;8;2;3;4;5;6;7"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander\RemotePanel
- StatusBar = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander\RemotePanel
- DriveView = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander\RemotePanel
- DriveViewHeight = "64"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Commander\RemotePanel
- DriveViewWidth = "64"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Logging
- LogWindowOnStartup = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Logging
- LogWindowParams = "-1;-1;500;400"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Security
- UseMasterPassword = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor\0
- FileMask = "%2A.%2A"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor\0
- Editor = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor\0
- ExternalEditorText = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor\0
- SDIExternalEditor = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor\0
- DetectMDIExternalEditor = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor\1
- FileMask = "%2A.%2A"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor\1
- Editor = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor\1
- ExternalEditor = "notepad.exe"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor\1
- ExternalEditorText = "1"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor\1
- SDIExternalEditor = "0"
- In HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration\Interface\Editor\1
- DetectMDIExternalEditor = "0"
Step 4
Restaurar este valor del Registro modificado
Importante: si modifica el Registro de Windows incorrectamente, podría hacer que el sistema funcione mal de manera irreversible. Lleve a cabo este paso solo si sabe cómo hacerlo o si puede contar con ayuda de su administrador del sistema. De lo contrario, lea este artículo de Microsoft antes de modificar el Registro del equipo.
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication
- From: Name = "iexplore.exe"
To: Name = ""iexplore.exe""
- From: Name = "iexplore.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication
- From: ID = "4117b81"
To: ID = ""41107b81""
- From: ID = "4117b81"
Step 5
Buscar y eliminar estos archivos
- %User Temp%\is-5povm.tmp\{malware file name}.tmp
- %User Temp%\is-A8UHB.tmp\_isetup\_RegDLL.tmp
- %User Temp%\is-A8UHB.tmp\_isetup\_shfoldr.dll
- %User Temp%\is-A8UHB.tmp\OCSetupHlp.dll
- %Program Files%\WinSCP\unins000.dat
- %Program Files%\WinSCP\is-VLP8F.tmp
- %Program Files%\WinSCP\is-B3TB7.tmp
- %Program Files%\WinSCP\is-87I57.tmp
- %Program Files%\WinSCP\is-TV44J.tmp
- %Program Files%\WinSCP\is-QKNJJ.tmp
- %Program Files%\WinSCP\is-9Q0PU.tmp
- %Program Files%\WinSCP\PuTTY\is-BLU1T.tmp
- %Program Files%\WinSCP\PuTTY\is-UP4J0.tmp
- %Program Files%\WinSCP\PuTTY\is-0GIMO.tmp
- %Program Files%\WinSCP\PuTTY\is-K14GO.tmp
- %Start Menu%\Programs\WinSCP\WinSCP.lnk
- %Start Menu%\Programs\WinSCP\WinSCP Web Site.url
- %Start Menu%\Programs\WinSCP\Support forum.url
- %Start Menu%\Programs\WinSCP\Documentation.url
- %Start Menu%\Programs\WinSCP\Key tools\PuTTYgen.lnk
- %Start Menu%\Programs\WinSCP\Key tools\PuTTYgen Manual.lnk
- %Start Menu%\Programs\WinSCP\Key tools\Pageant.lnk
- %Start Menu%\Programs\WinSCP\Key tools\Pageant Manual.lnk
- %Start Menu%\Programs\WinSCP\Key tools\PuTTY Web Site.url
- %Desktop%\WinSCP.lnk
- %User Profile%\SendTo\WinSCP (for upload).lnk
- %User Profile%\Application Data\winscp.rnd
Step 6
Buscar y eliminar estas carpetas
- %User Temp%\is-5POVM.tmp
- %User Temp%\is-A8UHB.tmp
- %User Temp%\is-A8UHB.tmp\_isetup
- %Program Files%\WinSCP
- %Program Files%\WinSCP\PuTTY
- %Start Menu%\Programs\WinSCP
- %Start Menu%\Programs\WinSCP\Key tools
Step 7
Explorar el equipo con su producto de Trend Micro para eliminar los archivos detectados como TROJ_DLOADER.ZA En caso de que el producto de Trend Micro ya haya limpiado, eliminado o puesto en cuarentena los archivos detectados, no serán necesarios más pasos. Puede optar simplemente por eliminar los archivos en cuarentena. Consulte esta página de Base de conocimientos para obtener más información.
Did this description help? Tell us how we did.