Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'QdrPack15' = '"%PROGRAM_FILES%\QdrPack\QdrPack15.exe"'
- %PROGRAM_FILES%\QdrPack\QdrPack15.exe
- %PROGRAM_FILES%\QdrPack\QdrPack15.exe
- %PROGRAM_FILES%\ISM\Uninstall.exe
- %TEMP%\nsx2.tmp
- 'be###nads3.com':80
- be###nads3.com/venora/we-install.php?ui###############################################################################
- be###nads3.com/venora/we-connect.php
- DNS ASK be###nads3.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: 'qdr.bi.mwindow.pack'