Техническая информация
- '%APPDATA%\ATS EC_Temp_Files\ATSVNC.exe' -kill
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\ping.exe' -n 5 127.0.0.1
- '<SYSTEM32>\cmd.exe' /c %TEMP%\scratch.bat
- %TEMP%\aut6.tmp
- %APPDATA%\ATS EC_Temp_Files\ultravnc.ini
- %TEMP%\aut5.tmp
- %APPDATA%\ATS EC_Temp_Files\ATSVNC.exe
- %TEMP%\scratch.bat
- %APPDATA%\ATS EC_Temp_Files\AEC.exe
- %APPDATA%\ATS EC_Temp_Files\SecureVNCPlugin.dsm
- %TEMP%\aut2.tmp
- %APPDATA%\ATS EC_Temp_Files\ATSsupport.ini
- %TEMP%\aut1.tmp
- %APPDATA%\ATS EC_Temp_Files\logobmp.bmp
- %TEMP%\aut4.tmp
- %APPDATA%\ATS EC_Temp_Files\CCback.bmp
- %TEMP%\aut3.tmp
- %APPDATA%\ATS EC_Temp_Files\ultravnc.ini
- %APPDATA%\ATS EC_Temp_Files\ATSsupport.ini
- %APPDATA%\ATS EC_Temp_Files\AEC.exe
- %APPDATA%\ATS EC_Temp_Files\SecureVNCPlugin.dsm
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %APPDATA%\ATS EC_Temp_Files\logobmp.bmp
- %APPDATA%\ATS EC_Temp_Files\CCback.bmp
- %TEMP%\aut3.tmp
- %TEMP%\aut4.tmp
- %TEMP%\aut1.tmp
- %TEMP%\aut2.tmp
- %TEMP%\~DF5A36.tmp
- %APPDATA%\ATS EC_Temp_Files\ATSVNC.exe
- %TEMP%\aut5.tmp
- %TEMP%\aut6.tmp
- '<IP-адрес в локальной сети>':8081
- 'at###ols.net':8081
- DNS ASK at###ols.net
- ClassName: 'WinVNC Tray Icon' WindowName: ''
- ClassName: 'BUTTON' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''