Technical Information
- [HKLM\System\CurrentControlSet\Services\netsvc] 'Start' = '00000002'
- [HKLM\System\CurrentControlSet\Services\netsvc] 'ImagePath' = '<DRIVERS>\svchost.exe service'
- 'netsvc' <DRIVERS>\svchost.exe service
- <DRIVERS>\svchost.exe
- DNS ASK ko#######orpkfgrpo.dyndns.org
- '<DRIVERS>\svchost.exe' service