Technical Information
- [<HKLM>\System\CurrentControlSet\Services\Host Generic Process] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Host Generic Process] 'ImagePath' = '<DRIVERS>\svchost.exe'
- <DRIVERS>\svchost.exe
- C:\documents and settings\localservice\local settings\application data\slt.exf
- DNS ASK bo##etik.tk
- '<DRIVERS>\svchost.exe'