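Technical Information
Note: the subsection headings of this report are missing from this copy. The first list gives autorun values under [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]: every entry uses the same value name, 'System Driver Component', and points to a drvhost<number>.exe file in <SYSTEM32>, with only the numeric suffix changing. Three lists of file paths follow and repeat the same drvhost file names; the second of them also contains %ALLUSERSPROFILE%\Application Data\WinDefender.exe. What each file list records is not stated in this copy. Because the suffix varies from entry to entry, match on the value name and the drvhost<number>.exe pattern rather than on any single file name.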
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost67.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost109.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost767.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost408.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost748.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost275.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost379.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost709.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost815.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost722.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost802.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost930.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost452.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost657.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost721.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost253.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost816.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost897.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost357.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost711.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost804.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost724.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost575.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost65.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost287.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost120.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost148.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost346.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost414.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost463.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Driver Component' = '"<SYSTEM32>\drvhost154.exe"'
- <SYSTEM32>\drvhost67.exe
- <SYSTEM32>\drvhost109.exe
- <SYSTEM32>\drvhost767.exe
- <SYSTEM32>\drvhost408.exe
- <SYSTEM32>\drvhost748.exe
- <SYSTEM32>\drvhost275.exe
- <SYSTEM32>\drvhost379.exe
- <SYSTEM32>\drvhost709.exe
- <SYSTEM32>\drvhost815.exe
- <SYSTEM32>\drvhost722.exe
- <SYSTEM32>\drvhost802.exe
- <SYSTEM32>\drvhost930.exe
- <SYSTEM32>\drvhost452.exe
- <SYSTEM32>\drvhost657.exe
- <SYSTEM32>\drvhost721.exe
- <SYSTEM32>\drvhost253.exe
- <SYSTEM32>\drvhost816.exe
- <SYSTEM32>\drvhost897.exe
- <SYSTEM32>\drvhost357.exe
- <SYSTEM32>\drvhost711.exe
- <SYSTEM32>\drvhost804.exe
- <SYSTEM32>\drvhost724.exe
- <SYSTEM32>\drvhost575.exe
- <SYSTEM32>\drvhost65.exe
- <SYSTEM32>\drvhost287.exe
- <SYSTEM32>\drvhost120.exe
- <SYSTEM32>\drvhost148.exe
- <SYSTEM32>\drvhost346.exe
- <SYSTEM32>\drvhost414.exe
- <SYSTEM32>\drvhost463.exe
- <SYSTEM32>\drvhost154.exe
- <SYSTEM32>\drvhost67.exe
- <SYSTEM32>\drvhost408.exe
- <SYSTEM32>\drvhost767.exe
- <SYSTEM32>\drvhost109.exe
- <SYSTEM32>\drvhost748.exe
- <SYSTEM32>\drvhost253.exe
- <SYSTEM32>\drvhost379.exe
- <SYSTEM32>\drvhost275.exe
- <SYSTEM32>\drvhost815.exe
- <SYSTEM32>\drvhost930.exe
- <SYSTEM32>\drvhost802.exe
- <SYSTEM32>\drvhost722.exe
- <SYSTEM32>\drvhost452.exe
- <SYSTEM32>\drvhost709.exe
- <SYSTEM32>\drvhost721.exe
- <SYSTEM32>\drvhost657.exe
- <SYSTEM32>\drvhost816.exe
- <SYSTEM32>\drvhost711.exe
- <SYSTEM32>\drvhost357.exe
- <SYSTEM32>\drvhost897.exe
- <SYSTEM32>\drvhost804.exe
- %ALLUSERSPROFILE%\Application Data\WinDefender.exe
- <SYSTEM32>\drvhost575.exe
- <SYSTEM32>\drvhost724.exe
- <SYSTEM32>\drvhost287.exe
- <SYSTEM32>\drvhost346.exe
- <SYSTEM32>\drvhost148.exe
- <SYSTEM32>\drvhost120.exe
- <SYSTEM32>\drvhost414.exe
- <SYSTEM32>\drvhost65.exe
- <SYSTEM32>\drvhost154.exe
- <SYSTEM32>\drvhost463.exe
- <SYSTEM32>\drvhost67.exe
- <SYSTEM32>\drvhost109.exe
- <SYSTEM32>\drvhost767.exe
- <SYSTEM32>\drvhost408.exe
- <SYSTEM32>\drvhost748.exe
- <SYSTEM32>\drvhost275.exe
- <SYSTEM32>\drvhost379.exe
- <SYSTEM32>\drvhost709.exe
- <SYSTEM32>\drvhost815.exe
- <SYSTEM32>\drvhost722.exe
- <SYSTEM32>\drvhost802.exe
- <SYSTEM32>\drvhost930.exe
- <SYSTEM32>\drvhost452.exe
- <SYSTEM32>\drvhost657.exe
- <SYSTEM32>\drvhost721.exe
- <SYSTEM32>\drvhost253.exe
- <SYSTEM32>\drvhost816.exe
- <SYSTEM32>\drvhost897.exe
- <SYSTEM32>\drvhost357.exe
- <SYSTEM32>\drvhost711.exe
- <SYSTEM32>\drvhost804.exe
- <SYSTEM32>\drvhost724.exe
- <SYSTEM32>\drvhost575.exe
- <SYSTEM32>\drvhost65.exe
- <SYSTEM32>\drvhost287.exe
- <SYSTEM32>\drvhost120.exe
- <SYSTEM32>\drvhost148.exe
- <SYSTEM32>\drvhost346.exe
- <SYSTEM32>\drvhost414.exe
- <SYSTEM32>\drvhost463.exe
- <SYSTEM32>\drvhost154.exe