Search notes:

NisSrv.exe

NisSrv.exe is the Microsoft Network Realtime Inspection Service

See also

The directory where NisSrv.exe is located.

Links

Sh0ck's tweet:
A DLL Hijacking is present in mpclient.dll also BINARY: `C:\Program Files\Windows Defender\NisSrv.exe`
If you are a blue-teamer, do not watch only `MpCmdRun.exe` but all binaries from Defender.

Index

Fatal error: Uncaught PDOException: SQLSTATE[HY000]: General error: 8 attempt to write a readonly database in /home/httpd/vhosts/renenyffenegger.ch/php/web-request-database.php:78 Stack trace: #0 /home/httpd/vhosts/renenyffenegger.ch/php/web-request-database.php(78): PDOStatement->execute(Array) #1 /home/httpd/vhosts/renenyffenegger.ch/php/web-request-database.php(30): insert_webrequest_('/notes/Windows/...', 1759406670, '216.73.216.42', 'Mozilla/5.0 App...', NULL) #2 /home/httpd/vhosts/renenyffenegger.ch/httpsdocs/notes/Windows/dirs/ProgramData/Microsoft/Windows-Defender/Platform/_version_/NisSrv_exe(42): insert_webrequest() #3 {main} thrown in /home/httpd/vhosts/renenyffenegger.ch/php/web-request-database.php on line 78