One Day Sec

What is the complete exploitation chain for stealth remote assistance, and where are the connection logs stored?

The chain involves: (1) enabling remote assistance via registry and firewall, (2) hiding the `msra.exe` window, (3) generating an invitation file with a password, (4) having the controller open the file and enter the password, (5) simulating `Left Arrow` + `Enter` to accept the connection, (6) requesting mouse control and simulating the same keystrokes again to grant control. After the session, logs are stored in `%SystemDrive%\Users\user_name\Documents\Remote Assistance Logs` as XML files named by timestamp. The full method is detailed in the Penetration Techniques - Stealth Execution of Windows Remote Assistance article.