Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\srvProtectExtension] 'Start' = '00000002'
- '%APPDATA%\BaseFlash\protect\ProtectExtension.exe'
- %APPDATA%\BaseFlash\protect\utilsDll.dll
- %APPDATA%\BaseFlash\protect\Interop.Shell32.dll
- %APPDATA%\BaseFlash\uninstallkit.exe
- %APPDATA%\BaseFlash\protect\config.xml
- %TEMP%\nse2.tmp\utils.dll
- %TEMP%\nse2.tmp\registry.dll
- %APPDATA%\BaseFlash\protect\ProtectExtension.exe
- %TEMP%\nse2.tmp\SimpleSC.dll
- %TEMP%\nse2.tmp\utils.dll
- %TEMP%\nse2.tmp\SimpleSC.dll
- %TEMP%\nse2.tmp\registry.dll
- 'st#.##seflash.com':443
- DNS ASK st#.##seflash.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'