Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'svch0st' = '"%HOMEPATH%\svch0st.exe"'
- %HOMEPATH%\svch0st.exe
- %WINDIR%\NOTEPAD.EXE
- %HOMEPATH%\svch0st.exe
- %HOMEPATH%\svch0st.exe
- '98.##6.64.66':1035
- ClassName: 'Indicator' WindowName: ''