Техническая информация
- %WINDIR%\Tasks\DTT Daily Disk Clean.job
- '<SYSTEM32>\net1.exe' user dttserver Tpw15h@rd
- '<SYSTEM32>\schtasks.exe' /create /tn "DTT Daily Disk Clean" /SC Daily /ST 05:30:00 /tr "c:\temp\clean.bat" /ru dttserver /rp Tpw15h@rd
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\selfdel0.bat" "
- '<SYSTEM32>\eventcreate.exe' /ID 1 /L APPLICATION /T INFORMATION /SO DTTDAILYDISKCLEAN /D "DTT Daily Disk Clean has been scheduled"
- '<SYSTEM32>\schtasks.exe' /delete /tn "DTT Daily Disk Clean" /f
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\batchfile.bat" "
- '<SYSTEM32>\ping.exe' -n 22 127.0.0.1
- '<SYSTEM32>\wbem\wmic.exe' useraccount where name='GX' rename dttserver
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\selfdel0.bat
- %TEMP%\1.tmp\batchfile.bat
- %TEMP%\tmp2.tmp
- %TEMP%\tmp3.tmp
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp2.tmp
- %TEMP%\1.tmp\batchfile.bat