Техническая информация
- Системный антивирус (Защитник Windows): расширение 'exe' добавлено в исключения проверки (ключи реестра приведены ниже)
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\{573CF21A-66EB-46FF-A10E-3E106B9E21F9}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Extensions] 'exe' = ''
- [HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Extensions] 'exe' = ''
- ClassName: 'FilemonClass', WindowName: ''
- ClassName: '', WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'PROCMON_WINDOW_CLASS', WindowName: ''
- ClassName: '', WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass', WindowName: ''
- <SYSTEM32>\grouppolicy\gpt.ini
- <SYSTEM32>\grouppolicy\machine\registry.pol
- %ALLUSERSPROFILE%\ntuser.pol
- '46.##6.167.187':80
- 'ap#.#yip.com':443
- 'ip##fo.io':443
- http://46.##6.167.187/api/bing_release.php
- 'ap#.#yip.com':443
- 'ip##fo.io':443
- DNS ASK ap#.#yip.com
- DNS ASK ip##fo.io
- ClassName: 'Registry Monitor - Sysinternals: www.sysinternals.com', WindowName: ''
- ClassName: '18467-41', WindowName: ''
- '<SYSTEM32>\svchost.exe' -k secsvcs
- '<SYSTEM32>\raserver.exe' /offerraupdate