Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Security' = '%TEMP%\winlogin.exe'
- ClassName: 'FileMonClass', WindowName: ''
- ClassName: 'OLLYDBG', WindowName: ''
- 'pr#.ovh.net':80
- http://pr#.ovh.net/~etoileci/libraries/bitfolge/1/contador.php
- DNS ASK pr#.ovh.net