|
|
请问安全日志中显示“安全日志中显示这个msedqe.exe触犯注册表防护规”,反复出现,具体日志如下:
【1】2021-03-20 21:38:44,系统防护,系统加固,msedge.exe触犯注册表防护规则, 已阻止
防护项目:启动项
操作类型:修改
数据内容:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5
目标注册表:HKEY_USERS\S-1-5-21-456211737-1650761729-782564711-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MicrosoftEdgeAutoLaunch_BF4FDCB3F7B2AF7EC22BC2798693A581
操作结果:已阻止
进程ID:12064
操作进程:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
操作进程命令行:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --profile-directory=Default
操作进程校验和:41887FCA318D792D49373CED245595384352EFA6
父进程ID:1492
父进程:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
父进程命令行:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --profile-directory=Default
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
[复制链接]
收藏