Техническая информация
- <SYSTEM32>\net1.exe share h$ /delete
- <SYSTEM32>\net1.exe share i$ /delete
- <SYSTEM32>\net1.exe share f$ /delete
- <SYSTEM32>\net1.exe share g$ /delete
- <SYSTEM32>\net1.exe share j$ /delete
- <SYSTEM32>\net1.exe share <SYSTEM32>\spool\drivers /del
- <SYSTEM32>\ping.exe 127.0.0.1 -n 1
- <SYSTEM32>\net1.exe share ipc$ /delete
- <SYSTEM32>\net1.exe share admin$ /dele
- <SYSTEM32>\net1.exe share e$ /delete
- <SYSTEM32>\reg.exe delete HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers /f
- <SYSTEM32>\reg.exe add HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers\new /ve /d {D969A300-E7FF-11d0-A93B-00A0C90F2719}
- %WINDIR%\regedit.exe /s %WINDIR%\Temp\once.reg
- <SYSTEM32>\regsvr32.exe /u /s igfxpph.dll
- <SYSTEM32>\reg.exe delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v HotKeysCmds /f
- <SYSTEM32>\net1.exe share c$ /delete
- <SYSTEM32>\net1.exe share d$ /delete
- <SYSTEM32>\reg.exe delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v IgfxTray /f
- <SYSTEM32>\net1.exe user /delete HelpAssistant
- %TEMP%\aut3.tmp
- %WINDIR%\Temp\once.bat
- %WINDIR%\Temp\once.reg
- %TEMP%\aut1.tmp
- %TEMP%\aut2.tmp
- %WINDIR%\Temp\once.reg
- %WINDIR%\Temp\Perflib_Perfdata_4c0.dat
- %TEMP%\aut3.tmp
- %TEMP%\aut1.tmp
- %TEMP%\aut2.tmp
- ClassName: 'RegEdit_RegEdit' WindowName: ''