Техническая информация
- Центр обеспечения безопасности (Security Center)
- '<SYSTEM32>\net.exe' stop MpsSvc
- '<SYSTEM32>\net.exe' stop WinDefend
- '<SYSTEM32>\net.exe' stop security center
- '<SYSTEM32>\net.exe' stop MsMpSvc
- ClassName: 'FileMonClass', WindowName: ''
- ClassName: 'RegMonClass', WindowName: ''
- ClassName: 'PROCMON_WINDOW_CLASS', WindowName: ''
- %ALLUSERSPROFILE%\Application Data\TEMP\RAIDTest
- '<SYSTEM32>\sc.exe' stop SharedAccess
- '<SYSTEM32>\sc.exe' delete SharedAccess
- '<SYSTEM32>\sc.exe' delete MpsSvc
- '<SYSTEM32>\sc.exe' stop wscsvc
- '<SYSTEM32>\sc.exe' delete wscsvc
- '<SYSTEM32>\net1.exe' stop MpsSvc
- '<SYSTEM32>\sc.exe' delete WinDefend
- '<SYSTEM32>\sc.exe' delete security center
- '<SYSTEM32>\sc.exe' delete MsMpSvc
- '<SYSTEM32>\net1.exe' stop WinDefend
- '<SYSTEM32>\net1.exe' stop security center
- '<SYSTEM32>\net1.exe' stop MsMpSvc