Техническая информация
- %WINDIR%\Tasks\SA.DAT
- '<SYSTEM32>\net1.exe' stop "task scheduler"
- '<SYSTEM32>\reg.exe' delete б░HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Defaultб▒
- '<SYSTEM32>\net.exe' stop "task scheduler"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\5.bat""
- '<SYSTEM32>\net1.exe' user
- %TEMP%\1.tmp\5.bat
- <SYSTEM32>\wbem\Logs\wbemess.log
- <SYSTEM32>\wbem\Logs\wbemcore.log
- <SYSTEM32>\wbem\Logs\wmiadap.log
- <SYSTEM32>\wbem\Logs\wbemprox.log
- <SYSTEM32>\wbem\Logs\mofcomp.log
- <SYSTEM32>\wbem\Logs\FrameWork.log
- <SYSTEM32>\wbem\Logs\setup.log
- <SYSTEM32>\wbem\Logs\replog.log
- <SYSTEM32>\Restore\MachineGuid.txt
- <DRIVERS>\gmreadme.txt
- %TEMP%\1.tmp\5.bat
- %WINDIR%\SchedLgU.Txt
- <SYSTEM32>\eula.txt
- <SYSTEM32>\wbem\Logs\wmiprov.log
- <SYSTEM32>\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.txt
- <SYSTEM32>\CatRoot2\dberr.txt
- <SYSTEM32>\CatRoot2\edb00011.log
- <SYSTEM32>\CatRoot2\edb00010.log
- <SYSTEM32>\CatRoot2\edb00013.log
- <SYSTEM32>\CatRoot2\edb00012.log
- <SYSTEM32>\CatRoot2\edb0000D.log
- <SYSTEM32>\CatRoot2\edb.log
- <SYSTEM32>\CatRoot2\edb0000F.log
- <SYSTEM32>\CatRoot2\edb0000E.log
- <SYSTEM32>\CatRoot2\res2.log
- <SYSTEM32>\CatRoot2\res1.log
- <SYSTEM32>\MsDtc\Trace\dtctrace.log
- <SYSTEM32>\MsDtc\MSDTC.LOG
- <SYSTEM32>\CatRoot2\edb00015.log
- <SYSTEM32>\CatRoot2\edb00014.log
- <SYSTEM32>\CatRoot2\edb00017.log
- <SYSTEM32>\CatRoot2\edb00016.log