Техническая информация
- '<SYSTEM32>\net1.exe' stop MsMpSvc
- '<SYSTEM32>\alg.exe' /pid=3988
- '<SYSTEM32>\net1.exe' stop WinDefend
- '<SYSTEM32>\net1.exe' stop security center
- '<SYSTEM32>\net1.exe' /c rd %systemdrive%\Program Files (x86)\HitmanPro /q /s
- '<SYSTEM32>\net1.exe' /c rd %systemdrive%\Program Files (x86)\Startupeye /q /s
- '<SYSTEM32>\net1.exe' /c rd %systemdrive%\Program Files (x86)\Immunet /q /s
- '<SYSTEM32>\sc.exe' /c rd %systemdrive%\Program Files (x86)\McAfee Security Scan /q /s
- '<SYSTEM32>\net.exe' stop WinDefend
- '<SYSTEM32>\net.exe' stop security center
- '<SYSTEM32>\sc.exe' stop SharedAccess
- '<SYSTEM32>\net.exe' stop MpsSvc
- '<SYSTEM32>\net1.exe' stop MpsSvc
- '<SYSTEM32>\sc.exe' config wuauserv start= disabled
- '<SYSTEM32>\net.exe' stop MsMpSvc
- '<SYSTEM32>\sc.exe' stop wscsvc
- <SYSTEM32>\net.exe
- <SYSTEM32>\sc.exe
- <SYSTEM32>\net1.exe
- AVGCTRL.EXE
- ZONEALARM.EXE
- AVP32.EXE
- NAVAPW32.EXE
- AVPM.EXE
- AVPCC.EXE
- ashAvast.exe
- fsavgui.exe
- bdagent.exe
- AVP.EXE
- avgcc.exe
- fsav32.exe
- fsav.exe
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: '(null)'
- ClassName: 'RegMonClass' WindowName: '(null)'
- ClassName: 'FileMonClass' WindowName: '(null)'
- %ALLUSERSPROFILE%\Application Data\Licenses\064841B6A0A43EBA2.Lic
- %ALLUSERSPROFILE%\Application Data\TEMP\RAIDTest