Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Defender' = '<DRIVERS>\winlogon.exe'
- Registry Editor (RegEdit)
- User Account Control (UAC)
- C:\documento\ms.doc
- http://m2##id.com/tmp/images/http.config
- DNS ASK m2##id.com