Technical Information
- [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<Full path to file>' = '<Full path to file>:*:Enabled:<File name>'
- [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%WINDIR%\syswow64\ipf.exe' = '%WINDIR%\syswow64\ipf.exe:*:Enabled:ip...
- %WINDIR%\syswow64\drivers\winut.dat
- %WINDIR%\syswow64\ipf.exe
- '34.##9.100.209':443
- '%WINDIR%\syswow64\ipf.exe'
- '%WINDIR%\syswow64\ipf.exe' ' (with hidden window)