Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Defender' = '%LOCALAPPDATA%\Microsoft\Windows Defender\Quarantine\svchost.exe'
- System Restore (SR)
- User Account Control (UAC)
- Windows Security Center
- %LOCALAPPDATA%\microsoft\windows defender\quarantine\svchost.exe
- %LOCALAPPDATA%\microsoft\windows defender\quarantine\svchost.exe
- http://www.ei####lantico.com/_eixo_2010/glg/inscripcion-error.php
- DNS ASK ei####lantico.com
- DNS ASK vx##et.pl
- DNS ASK br#####elguaran.com.ar
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''