Atitit.木马病毒自动启动-------------win7计划任务的管理
1. 计划任务的Windows系统中取代AT 的schtasks命令1
2.1. 计划任务列表管理gui版本 %windir%system32 askschd.msc /s1
6. Qa schtasks在win7下提示错误:无法加载列资源 3
1. 计划任务的Windows系统中取代AT 的schtasks命令
、SchTasks.exe 取代了包含在 Windows 早期版本中的工具 At.exe。XP、Vista、Windows7、Windows2003/2008等系统中均可以使用。
2. Win本身的系统计划任务列表
2.1. 计划任务列表管理gui版本 %windir%system32 askschd.msc /s
2.2. 计划任务列表管理cli版本
作者:: 绰号:老哇的爪子 ( 全名::Attilax Akbar Al Rapanui 阿提拉克斯 阿克巴 阿尔 拉帕努伊 ) 汉字名:艾龙, EMAIL:1466519819@qq.com
转载请注明来源: http://www.cnblogs.com/attilax/
3. 360的列表接口ui
4. task Scheduler的计划任务服务
服务对话框中找到名称为Task Scheduler的计划任务服务,
5. 错误日志
、要确认计划运行或要找出计划不运行的原因,请查看“任务计划”服务事务日志 SystemrootSchedLgU.txt。该日志记录了由包括“计划任务”和 SchTasks.exe 在内的所有使用该服务的工具启动的尝试运行。
6. Qa schtasks在win7下提示错误:无法加载列资源
Char encode问题...
查看编码
C:UsersAdministrator>chcp
活动代码页: 936
如使用 936中文GBK编码的话
schtasks.exe /query 会报错
错误: 无法加载列资源。
chcp 65001 就是换成UTF-8代码页走ok兰...
7. 添加一个atitask1任务以后
360的列表显示如下图片
Cli显示
Folder:
TaskName Next Run Time Status
======================================== ====================== ===============
Adobe Flash Player Updater Disabled
atitask1 2016/3/10 14:51:06 Ready
ComputerZ-Tray Disabled
DandelionStarter Disabled
Google Pinyin Daemon Disabled
PowerWord-Notify-AT6T5TKUVHGT0IG_Adminis Disabled
PowerWord-Update-AT6T5TKUVHGT0IG_Adminis Disabled
QQBrowser Updater Task 2016/3/9 16:50:00 Ready
QQBrowser Updater Task(Core) N/A Ready
SogouImeMgr Disabled
WpsNotifyTask_Administrator 2016/3/9 15:00:00 Ready
WpsUpdateTask_Administrator 2016/3/9 15:00:00 Ready
8. 自己创建一个任务通过cli
schtasks /create /tn atitask0309_153509_775 /tr "'D:workspace 空格AtiPlatf�screenUtil.bat'" /sc MINUTE /mo 2
----echo:
成功: 成功创建计划任务 "atitask0309_153509_775"。
注意:: 空格的双引号转义..要多传导一个双引号,不个单个引号trans类k...
9. Schtasks 显示的输出如下
Folder:
TaskName Next Run Time Status
======================================== ====================== ===============
Adobe Flash Player Updater Disabled
ComputerZ-Tray Disabled
DandelionStarter Disabled
Google Pinyin Daemon Disabled
PowerWord-Notify-AT6T5TKUVHGT0IG_Adminis Disabled
PowerWord-Update-AT6T5TKUVHGT0IG_Adminis Disabled
QQBrowser Updater Task 2016/3/9 14:50:00 Ready
QQBrowser Updater Task(Core) N/A Ready
SogouImeMgr Disabled
WpsNotifyTask_Administrator 2016/3/9 15:00:00 Ready
WpsUpdateTask_Administrator 2016/3/9 15:00:00 Ready
Folder: Apple
TaskName Next Run Time Status
======================================== ====================== ===============
AppleSoftwareUpdate Disabled
Folder: Microsoft
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: MicrosoftWindows
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: MicrosoftWindowsActive Directory Rights Management Services Client
TaskName Next Run Time Status
======================================== ====================== ===============
AD RMS Rights Policy Template Management Disabled
AD RMS Rights Policy Template Management N/A Ready
Folder: MicrosoftWindowsAppID
TaskName Next Run Time Status
======================================== ====================== ===============
PolicyConverter Disabled
VerifiedPublisherCertStoreCheck Disabled
Folder: MicrosoftWindowsApplication Experience
TaskName Next Run Time Status
======================================== ====================== ===============
AitAgent Disabled
Folder: MicrosoftWindowsAutochk
TaskName Next Run Time Status
======================================== ====================== ===============
Proxy Disabled
Folder: MicrosoftWindowsBluetooth
TaskName Next Run Time Status
======================================== ====================== ===============
UninstallDeviceTask N/A Ready
Folder: MicrosoftWindowsCertificateServicesClient
TaskName Next Run Time Status
======================================== ====================== ===============
SystemTask N/A Ready
UserTask N/A Ready
UserTask-Roam Disabled
Folder: MicrosoftWindowsCustomer Experience Improvement Program
TaskName Next Run Time Status
======================================== ====================== ===============
Consolidator 2016/3/9 18:00:00 Could not start
KernelCeipTask 2016/3/10 3:30:00 Ready
UsbCeip 2016/3/11 1:30:00 Ready
Folder: MicrosoftWindowsDefrag
TaskName Next Run Time Status
======================================== ====================== ===============
ScheduledDefrag Disabled
Folder: MicrosoftWindowsDiagnosis
TaskName Next Run Time Status
======================================== ====================== ===============
Scheduled 2016/3/13 1:00:00 Ready
Folder: MicrosoftWindowsLocation
TaskName Next Run Time Status
======================================== ====================== ===============
Notifications Disabled
Folder: MicrosoftWindowsMaintenance
TaskName Next Run Time Status
======================================== ====================== ===============
WinSAT 2016/3/13 1:00:00 Ready
Folder: MicrosoftWindowsMemoryDiagnostic
TaskName Next Run Time Status
======================================== ====================== ===============
CorruptionDetector N/A Ready
DecompressionFailureDetector N/A Ready
Folder: MicrosoftWindowsMUI
TaskName Next Run Time Status
======================================== ====================== ===============
LPRemove N/A Ready
Folder: MicrosoftWindowsMultimedia
TaskName Next Run Time Status
======================================== ====================== ===============
SystemSoundsService N/A Running
Folder: MicrosoftWindowsNetTrace
TaskName Next Run Time Status
======================================== ====================== ===============
GatherNetworkInfo Disabled
Folder: MicrosoftWindowsPerfTrack
TaskName Next Run Time Status
======================================== ====================== ===============
BackgroundConfigSurveyor Disabled
Folder: MicrosoftWindowsPLA
TaskName Next Run Time Status
======================================== ====================== ===============
INFO: There are no scheduled tasks presently available at your access level.
Folder: MicrosoftWindowsPower Efficiency Diagnostics
TaskName Next Run Time Status
======================================== ====================== ===============
AnalyzeSystem Disabled
Folder: MicrosoftWindowsRAC
TaskName Next Run Time Status
======================================== ====================== ===============
RacTask 2016/3/9 15:05:17 Ready
Folder: MicrosoftWindowsRas
TaskName Next Run Time Status
======================================== ====================== ===============
MobilityManager N/A Ready
Folder: MicrosoftWindowsRegistry
TaskName Next Run Time Status
======================================== ====================== ===============
RegIdleBackup 2016/3/19 0:25:49 Ready
Folder: MicrosoftWindowsRemoteAssistance
TaskName Next Run Time Status
======================================== ====================== ===============
RemoteAssistanceTask Disabled
Folder: MicrosoftWindowsShell
TaskName Next Run Time Status
======================================== ====================== ===============
WindowsParentalControls Disabled
WindowsParentalControlsMigration Disabled
Folder: MicrosoftWindowsSoftwareProtectionPlatform
TaskName Next Run Time Status
======================================== ====================== ===============
SvcRestartTask Disabled
Folder: MicrosoftWindowsSystemRestore
TaskName Next Run Time Status
======================================== ====================== ===============
SR Disabled
Folder: MicrosoftWindowsTask Manager
TaskName Next Run Time Status
======================================== ====================== ===============
Interactive N/A Ready
Folder: MicrosoftWindowsTcpip
TaskName Next Run Time Status
======================================== ====================== ===============
IpAddressConflict1 N/A Ready
IpAddressConflict2 N/A Ready
Folder: MicrosoftWindowsTextServicesFramework
TaskName Next Run Time Status
======================================== ====================== ===============
MsCtfMonitor N/A Running
Folder: MicrosoftWindowsTime Synchronization
TaskName Next Run Time Status
======================================== ====================== ===============
SynchronizeTime 2016/3/13 1:00:00 Ready
Folder: MicrosoftWindowsUPnP
TaskName Next Run Time Status
======================================== ====================== ===============
UPnPHostConfig N/A Ready
Folder: MicrosoftWindowsUser Profile Service
TaskName Next Run Time Status
======================================== ====================== ===============
HiveUploadTask Disabled
Folder: MicrosoftWindowsWDI
TaskName Next Run Time Status
======================================== ====================== ===============
ResolutionHost N/A Ready
Folder: MicrosoftWindowsWindows Error Reporting
TaskName Next Run Time Status
======================================== ====================== ===============
QueueReporting N/A Ready
Folder: MicrosoftWindowsWindows Filtering Platform
TaskName Next Run Time Status
======================================== ====================== ===============
BfeOnServiceStartTypeChange Disabled
Folder: MicrosoftWindowsWindows Media Sharing
TaskName Next Run Time Status
======================================== ====================== ===============
UpdateLibrary N/A Ready
Folder: MicrosoftWindowsWindowsBackup
TaskName Next Run Time Status
======================================== ====================== ===============
ConfigNotification Disabled
Folder: MicrosoftWindowsWindowsColorSystem
TaskName Next Run Time Status
======================================== ====================== ===============
Calibration Loader Disabled
10. 引用
使用命令行创建计划任务(windows)_百度文库.htm