Technical Information
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'Windows Defender' = 'C:\\Windows\\System32\\drivers\\winlogon.exe '
- User Account Control (UAC)
- from <Full path to file> to %WINDIR%\syswow64\drivers\winlogon.exe
- http://na###ogelas.com/robots.txt
- DNS ASK google.com
- DNS ASK na###ogelas.com