Техническая информация
- '<SYSTEM32>\taskkill.exe' /IM WsAppService.exe /F
- '<SYSTEM32>\netsh.exe' advfirewall firewall add rule name="Intelegent Service" dir=in action=allow protocol=TCP localport=6262
- '<SYSTEM32>\netsh.exe' advfirewall firewall add rule name="Intelegent Services" dir=in action=allow protocol=UDP localport=6262
- '<SYSTEM32>\netsh.exe' advfirewall firewall add rule name="Intelegent Service" dir=out action=allow protocol=TCP localport=6262
- '<SYSTEM32>\netsh.exe' advfirewall firewall add rule name="Intelegent Services" dir=out action=allow protocol=UDP localport=6262
- '<SYSTEM32>\taskkill.exe' /IM AAS.exe /F
- <Текущая директория>\googles.exe
- %WINDIR%\ime\imesc\help\grichisch.lng
- %WINDIR%\ime\imesc\help\mswinsck.ocx
- %WINDIR%\ime\imesc\help\ntsvc.oca
- %WINDIR%\ime\imesc\help\ntsvc.ocx
- %WINDIR%\ime\imesc\help\service.exe
- %WINDIR%\ime\imesc\help\service.ini
- %WINDIR%\ime\imesc\help\unins000.dat
- %WINDIR%\ime\imesc\help\unins000.exe
- %WINDIR%\ime\imesc\help\aas_login.exe
- %WINDIR%\ime\imesc\help\aas_login.ini
- %WINDIR%\debug\publisher\windows\run2.xml
- %WINDIR%\ime\imesc\help\bmp2jpeg.dll
- %WINDIR%\ime\imesc\help\service.bat
- %WINDIR%\temp\wsappservice.exe
- %WINDIR%\help\windows\chrome.exe
- %WINDIR%\ime\imetc\chrome.exe
- %WINDIR%\temp\fa5399f6-f026-4fgf-ada3-68dd97\chrome.exe
- %WINDIR%\temp\a75399f6-f026-4fb5-ada3-68d832bcffd3-sigs\chromes.exe
- <DRIVERS>\etc\chromes.exe
- %WINDIR%\pla\system\chromes.exe
- <SYSTEM32>\chromes.exe
- C:\programdata\oracle\java\chromes.exe
- %WINDIR%\ime\imesc\help\htdocs\~snap.jpg
- %WINDIR%\ime\imesc\help\english.lng
- %WINDIR%\ime\imesc\help\htdocs\menu.htm
- %WINDIR%\ime\imesc\help\htdocs\main.htm
- %WINDIR%\ime\imesc\help\htdocs\main.css
- %WINDIR%\debug\publisher\googles.exe
- %WINDIR%\debug\publisher\windows\control.bat
- %WINDIR%\debug\publisher\windows\chromes.exe
- nul
- %WINDIR%\debug\publisher\windows\network.vbs
- %WINDIR%\debug\publisher\windows\network2.vbs
- %WINDIR%\debug\publisher\windows\administrator.xml
- %WINDIR%\debug\publisher\windows\run-d2.xml
- %WINDIR%\debug\publisher\windows\run-d3.xml
- %WINDIR%\debug\publisher\windows\run-d4.xml
- %TEMP%\dw.log
- %WINDIR%\ime\imesc\help\deutsch.lng
- %WINDIR%\debug\publisher\windows\run1.xml
- %WINDIR%\debug\publisher\windows\run.xml
- %WINDIR%\debug\publisher\windows\sc.bat
- %WINDIR%\debug\publisher\windows\chrome.exe
- %WINDIR%\debug\publisher\windows\wsappservice.exe
- %WINDIR%\debug\publisher\windows\aas.exe
- %WINDIR%\debug\publisher\windows\network.bat
- %WINDIR%\ime\imesc\help\htdocs\header.htm
- %WINDIR%\ime\imesc\help\htdocs\images\back.jpg
- %WINDIR%\ime\imesc\help\htdocs\images\space.gif
- %WINDIR%\ime\imesc\help\htdocs\index.htm
- <Текущая директория>\temp.bat
- %WINDIR%\debug\publisher\windows\run-d1.xml
- %TEMP%\10de6f.dmp
- <Текущая директория>\temp.bat
- %WINDIR%\debug\publisher\windows\control.bat
- %WINDIR%\debug\publisher\windows\network.vbs
- %WINDIR%\debug\publisher\windows\network2.vbs
- %WINDIR%\debug\publisher\windows\sc.bat
- %WINDIR%\debug\publisher\windows\network.bat
- <Текущая директория>\googles.exe
- %WINDIR%\debug\publisher\windows\sc.bat
- ClassName: 'EDIT' WindowName: ''
- ClassName: '' WindowName: ''
- '%WINDIR%\debug\publisher\googles.exe' -pAdfr@xc$15
- '%WINDIR%\debug\publisher\windows\chromes.exe'
- '<SYSTEM32>\wscript.exe' "%WINDIR%\Debug\Publisher\Windows\Network.vbs"
- '<SYSTEM32>\wscript.exe' "%WINDIR%\Debug\Publisher\Windows\Network2.vbs"
- '%WINDIR%\debug\publisher\windows\aas.exe'
- '%WINDIR%\temp\fa5399f6-f026-4fgf-ada3-68dd97\chrome.exe'
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\Debug\Publisher\Windows\sc.bat" "' (со скрытым окном)
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\Debug\Publisher\Windows\Network.bat" "' (со скрытым окном)
- '<SYSTEM32>\cmd.exe' /c ""<Текущая директория>\Temp.bat" "
- '<SYSTEM32>\schtasks.exe' /Run /tn "Microsoft\Windows\WDI\WMG"
- '<SYSTEM32>\schtasks.exe' /Run /tn "Microsoft\Windows\Ras\System"
- '<SYSTEM32>\schtasks.exe' /Run /tn "Microsoft\Windows\Chkdsk\CheckDesk"
- '<SYSTEM32>\schtasks.exe' /Run /tn "Microsoft\Windows\UPnP\UPnP"
- '<SYSTEM32>\schtasks.exe' /Run /tn "Microsoft\Windows\Windows Error Reporting\Manage Error"
- '<SYSTEM32>\schtasks.exe' /Run /tn "Microsoft\Windows\MUI\Manangement"
- '<SYSTEM32>\schtasks.exe' /Run /tn "Microsoft\Windows\Multimedia\System"
- '<SYSTEM32>\netsh.exe' advfirewall firewall delete rule name="Intelegent Service"
- '<SYSTEM32>\schtasks.exe' /DELETE /tn "Microsoft\Windows\Defrag\Defragment System" /F
- '<SYSTEM32>\schtasks.exe' /DELETE /tn "Microsoft\Windows\WDI\WMG" /F
- '<SYSTEM32>\schtasks.exe' /Run /tn "Microsoft\Windows\Multimedia\System"
- '<SYSTEM32>\schtasks.exe' /Run /tn "Microsoft\Windows\Defrag\Defragment System"
- '<SYSTEM32>\schtasks.exe' /DELETE /tn "Microsoft\Windows\Ras\System" /F
- '<SYSTEM32>\schtasks.exe' /DELETE /tn "Microsoft\Windows\Windows Error Reporting\Manage Error" /F
- '<SYSTEM32>\schtasks.exe' /DELETE /tn "Microsoft\Windows\MUI\Manangement" /F
- '<SYSTEM32>\schtasks.exe' /DELETE /tn "Microsoft\Windows\Multimedia\System" /F
- '<SYSTEM32>\schtasks.exe' /Create /XML "%WINDIR%\Debug\Publisher\Windows\run.xml" /tn "Microsoft\Windows\Defrag\Defragment System"
- '<SYSTEM32>\schtasks.exe' /Create /XML "%WINDIR%\Debug\Publisher\Windows\run1.xml" /tn "Microsoft\Windows\WDI\WMG"
- '<SYSTEM32>\schtasks.exe' /Create /XML "%WINDIR%\Debug\Publisher\Windows\run2.xml" /tn "Microsoft\Windows\Ras\System"
- '<SYSTEM32>\schtasks.exe' /Create /XML "%WINDIR%\Debug\Publisher\Windows\administrator.xml" /tn "Microsoft\Windows\Chkdsk\CheckDesk"
- '<SYSTEM32>\schtasks.exe' /Create /XML "%WINDIR%\Debug\Publisher\Windows\run-d1.xml" /tn "Microsoft\Windows\UPnP\UPnP"
- '<SYSTEM32>\schtasks.exe' /Create /XML "%WINDIR%\Debug\Publisher\Windows\run-d2.xml" /tn "Microsoft\Windows\Windows Error Reporting\Manage Error"
- '<SYSTEM32>\schtasks.exe' /Create /XML "%WINDIR%\Debug\Publisher\Windows\run-d3.xml" /tn "Microsoft\Windows\MUI\Manangement"
- '<SYSTEM32>\schtasks.exe' /DELETE /tn "Microsoft\Windows\Chkdsk\CheckDesk" /F
- '<SYSTEM32>\schtasks.exe' /DELETE /tn "Microsoft\Windows\UPnP\UPnP" /F
- '<SYSTEM32>\schtasks.exe' /Run /tn "Microsoft\Windows\MUI\Manangement"
- '<SYSTEM32>\schtasks.exe' /Run /I /tn "Microsoft\Windows\Windows Error Reporting\Manage Error"
- '<SYSTEM32>\schtasks.exe' /Run /I /tn "Microsoft\Windows\UPnP\UPnP"
- '<SYSTEM32>\cmd.exe' /c copy "Googles.exe" "%WINDIR%\Debug\Publisher\"
- '<SYSTEM32>\cmd.exe' /c copy "Temp.exe" "%WINDIR%\Debug\Publisher\"
- '<SYSTEM32>\cmd.exe' /c copy Temp.exe C:\ /y
- '<SYSTEM32>\cmd.exe' /c copy Temp.exe d:\ /y
- '<SYSTEM32>\cmd.exe' /c copy Temp.exe e:\ /y
- '<SYSTEM32>\cmd.exe' /c copy Temp.exe <Имя диска съемного носителя>:\ /y
- '<SYSTEM32>\cmd.exe' /c copy Temp.exe g:\ /y
- '<SYSTEM32>\cmd.exe' /c copy Temp.exe h:\ /y
- '<SYSTEM32>\cmd.exe' /c copy Temp.exe l:\ /y
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\Debug\Publisher\Googles.exe -pAdfr@xc$15
- '<SYSTEM32>\cmd.exe' /c DEL /F /Q /A Googles.exe
- '<SYSTEM32>\cmd.exe' /c md "%WINDIR%\Debug\Publisher\Windows\"
- '<SYSTEM32>\cmd.exe' /c DEL /F /Q /A Temp.bat
- '<SYSTEM32>\tasklist.exe' /FI "IMAGENAME eq Chromes.exe"
- '<SYSTEM32>\find.exe' /I /N "Chromes.exe"
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\Debug\Publisher\Windows\sc.bat" "
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\Debug\Publisher\Windows\Network.bat" "
- '<SYSTEM32>\tasklist.exe' /FI "IMAGENAME eq WsAppService.exe"
- '<SYSTEM32>\find.exe' /I /N "WsAppService.exe"
- '<SYSTEM32>\schtasks.exe' /Run /I /tn "Microsoft\Windows\Defrag\Defragment System"
- '<SYSTEM32>\schtasks.exe' /Run /I /tn "Microsoft\Windows\WDI\WMG"
- '<SYSTEM32>\netsh.exe' advfirewall firewall delete rule name="Intelegent Services"
- '<SYSTEM32>\schtasks.exe' /Run /I /tn "Microsoft\Windows\Ras\System"
- '<SYSTEM32>\schtasks.exe' /Run /I /tn "Microsoft\Windows\Chkdsk\CheckDesk"
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\Debug\Publisher\Windows\Control.bat" "
- '<SYSTEM32>\schtasks.exe' /Create /XML "%WINDIR%\Debug\Publisher\Windows\run-d4.xml" /tn "Microsoft\Windows\Multimedia\System"
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 1616