Technical Information
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wxweb.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wxGameActivity.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\desktoplauncher.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DesktopStart.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deskstart.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BmRender.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bmmotor.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BmInstaller.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LOLHelper.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LOLweb.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wx8016.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\swdcapp.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\swacapp.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AppUtilHD2.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AppUtilHD.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LoadDTClient.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SndoPlug.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CBGUARD.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PPSpeedUp.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\accclient.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\acclauncher.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unsecapp.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\crashreport.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GameDock.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\steamwnd.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\steaminsidewnd.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\generalwnd.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SteamPop.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BCweb.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BarClientSafeCenter.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gameactivity.exe] 'Debugger' = 'Debugfile.exe'
- [HKLM\SOFTWARE\Classes\htmlfile\shell\open\command] '' = '"%ProgramFiles(x86)%\Internet Explorer\IEXPLORE.EXE" -nohome'
- [HKLM\SYSTEM\CurrentControlSet\Services\Dhcp] 'Start' = '00000002'
- [HKLM\SYSTEM\ControlSet001\Services\Dhcp] 'Start' = '00000002'
- [HKLM\SYSTEM\CurrentControlSet\Services\EventLog] 'Start' = '00000002'
- [HKLM\SYSTEM\ControlSet001\Services\EventLog] 'Start' = '00000002'
- '<SYSTEM32>\net.exe' user Admin Password /add
- '<SYSTEM32>\net.exe' LocalGroup Administrators Admin /add
- %TEMP%\auta498.tmp
- <SYSTEM32>\syspin.exe
- %TEMP%\auta525.tmp
- <SYSTEM32>\setacl.exe
- %TEMP%\auta555.tmp
- <SYSTEM32>\netuser.exe
- %TEMP%\auta565.tmp
- <SYSTEM32>\devcon_x64.exe
- %TEMP%\auta566.tmp
- %HOMEPATH%\desktop\internet explorer.exe
- %TEMP%\auta5b5.tmp
- %HOMEPATH%\desktop\常用工具.exe
- %TEMP%\auta624.tmp
- %HOMEPATH%\desktop\360极速浏览器.exe
- %TEMP%\autf7bd.tmp
- <SYSTEM32>\usbaudio.ini
- %TEMP%\auta498.tmp
- %TEMP%\auta525.tmp
- %TEMP%\auta555.tmp
- %TEMP%\auta565.tmp
- %TEMP%\auta566.tmp
- %TEMP%\auta5b5.tmp
- %TEMP%\auta624.tmp
- %TEMP%\autf7bd.tmp
- %LOCALAPPDATA%\google\chrome\user data\local state
- %APPDATA%\microsoft\windows\start menu\programs\internet explorer (64-bit).lnk
- %APPDATA%\microsoft\windows\start menu\programs\desktop.ini
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_1022&DEV_1485&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_A2A1&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_7AA4&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_A3A1&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_A3B1&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_06F9&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_1022&DEV_1486&*"
- '<SYSTEM32>\devcon_x64.exe' disable "ACPI\VEN_INTC&DEV_1056*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_10DE&DEV_1AED&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_1911&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_06A4&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_1022&DEV_148A&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_467D&*"
- '<SYSTEM32>\devcon_x64.exe' find usb\class_01
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_7AE8&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_7AFC&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_10DE&DEV_1AD9&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_7ACC&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_7ACF&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_7ACD&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_7AA3&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_7ACE&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_A3A3&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_8C22&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_041E&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_8C02*"
- '<SYSTEM32>\devcon_x64.exe' disable "USB\VID_0D8C&PID_000A&REV_*"
- '<SYSTEM32>\devcon_x64.exe' disable "HDAUDIO\FUNC_01&VEN_10DE&DEV_*"
- '<SYSTEM32>\devcon_x64.exe' disable "ACPI\VEN_AMDI&DEV_0030"
- '<SYSTEM32>\devcon_x64.exe' disable "ACPI\VEN_AMDI&DEV_F030"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_06E0&*"
- '<SYSTEM32>\netuser.exe' Admin /pwnexp:y
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_A13A&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_7AFD&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_A2A3&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_1E3A&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_A3BA&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_A2BA&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_A123&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_8C3A&*"
- '<SYSTEM32>\devcon_x64.exe' disable "PCI\VEN_8086&DEV_A121&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A3A3&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "ACPI\VEN_AMDI&DEV_0030"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_1911&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_467D&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "USB\VID_0D8C&PID_000A&REV_*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7ACF&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_8C22&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 find usb\class_01 ><SYSTEM32>\USBAudio.ini' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_041E&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A121&*"' (with hidden window)
- '<SYSTEM32>\net.exe' Start EventLog' (with hidden window)
- '<SYSTEM32>\sc.exe' Config Dhcp Start= Auto' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A2A3&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "ACPI\VEN_INTC&DEV_1056*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "HDAUDIO\FUNC_01&VEN_10DE&DEV_*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A123&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /C net user Admin Password /add' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7AA4&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /C net LocalGroup Administrators Admin /add' (with hidden window)
- '<SYSTEM32>\cmd.exe' /C NetUser Admin /pwnexp:y' (with hidden window)
- '<SYSTEM32>\net.exe' Start Dhcp' (with hidden window)
- '<SYSTEM32>\sc.exe' Config EventLog Start= Auto' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7AA3&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7AFC&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A3BA&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_06F9&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_8C02*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A2A1&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_06E0&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7AFD&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "ACPI\VEN_AMDI&DEV_F030"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_8C3A&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_1E3A&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A13A&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A3A1&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A2BA&*"' (with hidden window)
- '<SYSTEM32>\netsh.exe' ipsec static set policy name=saiteng assign=n' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A3B1&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_1022&DEV_1486&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_10DE&DEV_1AED&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_10DE&DEV_1AD9&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_06A4&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_1022&DEV_148A&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_1022&DEV_1485&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7AE8&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7ACC&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7ACE&*"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /C Icacls "C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\PepperFlash" /Deny Administrators:(WD,AD)' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7ACD&*"' (with hidden window)
- '<SYSTEM32>\ie4uinit.exe' -show' (with hidden window)
- '<SYSTEM32>\cmd.exe' /C net user Admin Password /add
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_06A4&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_1022&DEV_148A&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_1022&DEV_1485&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7AE8&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7ACC&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7ACD&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7ACE&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7AA4&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7AFD&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7ACF&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7AFC&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_7AA3&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 find usb\class_01 ><SYSTEM32>\USBAudio.ini
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "ACPI\VEN_INTC&DEV_1056*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_1911&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_041E&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_8C22&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A123&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A2A3&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A3A3&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "ACPI\VEN_AMDI&DEV_F030"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "ACPI\VEN_AMDI&DEV_0030"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "HDAUDIO\FUNC_01&VEN_10DE&DEV_*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "USB\VID_0D8C&PID_000A&REV_*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_10DE&DEV_1AD9&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_467D&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_10DE&DEV_1AED&*"
- '<SYSTEM32>\cmd.exe' /C Icacls "C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\PepperFlash" /Deny Administrators:(WD,AD)
- '<SYSTEM32>\net1.exe' user Admin Password /add
- '<SYSTEM32>\cmd.exe' /C net LocalGroup Administrators Admin /add
- '<SYSTEM32>\net1.exe' LocalGroup Administrators Admin /add
- '<SYSTEM32>\cmd.exe' /C NetUser Admin /pwnexp:y
- '<SYSTEM32>\sc.exe' Config Dhcp Start= Auto
- '<SYSTEM32>\net.exe' Start Dhcp
- '<SYSTEM32>\net1.exe' Start Dhcp
- '<SYSTEM32>\sc.exe' Config EventLog Start= Auto
- '<SYSTEM32>\net.exe' Start EventLog
- '<SYSTEM32>\net1.exe' Start EventLog
- '<SYSTEM32>\netsh.exe' ipsec static set policy name=saiteng assign=n
- '<SYSTEM32>\icacls.exe' "C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\PepperFlash" /Deny Administrators:(WD,AD)
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_06F9&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_8C02*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_8C3A&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A13A&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_1E3A&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A2BA&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A3BA&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_06E0&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A121&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A2A1&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A3A1&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_8086&DEV_A3B1&*"
- '<SYSTEM32>\cmd.exe' /c devcon_x64 disable "PCI\VEN_1022&DEV_1486&*"
- '<SYSTEM32>\ie4uinit.exe' -show