Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ASMessage' = '%PROGRAM_FILES%\AD-Safe\ASMessage.exe'
- '%PROGRAM_FILES%\AD-Safe\ASMessage.exe'
- '%PROGRAM_FILES%\AD-Safe\Adsafe.exe' Icon
- '%PROGRAM_FILES%\AD-Safe\ASMessage.exe' (загружен из сети Интернет)
- '%PROGRAM_FILES%\AD-Safe\Adsafe.exe' (загружен из сети Интернет)
- %HOMEPATH%\Start Menu\Programs\AD-Safe\Ad-SAFE.lnk
- %HOMEPATH%\Desktop\Ad-SAFE.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Ad-SAFE.lnk
- %HOMEPATH%\Start Menu\Programs\AD-Safe\Ad-SAFE A¦°A.lnk
- %PROGRAM_FILES%\AD-Safe\Adsafe.dll2
- %PROGRAM_FILES%\AD-Safe\Adsafe.exe2
- <SYSTEM32>\removeADSafe.exe
- %PROGRAM_FILES%\AD-Safe\ASMessage.exe2
- %PROGRAM_FILES%\AD-Safe\ASMessage.exe2 в %PROGRAM_FILES%\AD-Safe\ASMessage.exe
- %PROGRAM_FILES%\AD-Safe\Adsafe.exe2 в %PROGRAM_FILES%\AD-Safe\Adsafe.exe
- %PROGRAM_FILES%\AD-Safe\Adsafe.dll2 в %PROGRAM_FILES%\AD-Safe\Adsafe.dll
- 'ad##afe.com':80
- 'pr####m.ad-safe.com':80
- http://pr####m.ad-safe.com/Adsafe/removeADSafe.exe
- http://ad##afe.com/api_result.php?mo##################################
- http://pr####m.ad-safe.com/Adsafe/ASMessage.exe
- http://pr####m.ad-safe.com/Adsafe/Adsafe.exe
- http://pr####m.ad-safe.com/Adsafe/Adsafe.dll
- DNS ASK ad##afe.com
- DNS ASK pr####m.ad-safe.com
- ClassName: '' WindowName: 'ASMessage'
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: 'Ad-SAFE'