Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\mssvchelp] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\mssvchelp] 'ImagePath' = '%ALLUSERSPROFILE%\Application Data\\Windows\Classes\{63cffd85-651a-fd94-508c-ee5f91712305}\msupdyhd.exe 70047bfd-c0a7-481e-b71e-5...
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\cmd.exe
- %ALLUSERSPROFILE%\Application Data\Windows\Classes\{63cffd85-651a-fd94-508c-ee5f91712305}\msupdyhd.exe
- %ALLUSERSPROFILE%\Application Data\Windows\Classes\{63cffd85-651a-fd94-508c-ee5f91712305}\msupdyhd.exe
- '%ALLUSERSPROFILE%\Application Data\Windows\Classes\{63cffd85-651a-fd94-508c-ee5f91712305}\msupdyhd.exe' 70047bfd-c0a7-481e-b71e-5c4b4589a8e6
- '<SYSTEM32>\svchost.exe' -k secmonitor
- '<SYSTEM32>\cmd.exe'