Техническая информация
- '<SYSTEM32>\net1.exe' stop WinDefend
- '<SYSTEM32>\net.exe' stop MpsSvc
- '<SYSTEM32>\net.exe' stop MsMpSvc
- '<SYSTEM32>\sc.exe' delete MsMpSvc
- '<SYSTEM32>\net1.exe' stop MsMpSvc
- '<SYSTEM32>\net1.exe' stop MpsSvc
- '<SYSTEM32>\sc.exe' delete MpsSvc
- '<SYSTEM32>\net1.exe' stop security center
- '<SYSTEM32>\sc.exe' delete security center
- '<SYSTEM32>\sc.exe' delete SharedAccess
- '<SYSTEM32>\sc.exe' stop wscsvc
- '<SYSTEM32>\netsh.exe' firewall set opmode disable
- '<SYSTEM32>\sc.exe' stop SharedAccess
- '<SYSTEM32>\sc.exe' delete WinDefend
- '<SYSTEM32>\net.exe' stop security center
- '<SYSTEM32>\sc.exe' delete wscsvc
- '<SYSTEM32>\net.exe' stop WinDefend
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: '(null)'
- ClassName: 'RegMonClass' WindowName: '(null)'
- ClassName: 'FileMonClass' WindowName: '(null)'
- %ALLUSERSPROFILE%\Application Data\TEMP\RAIDTest