Техническая информация
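- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%APPDATA%\SearchIndexer\desktopsearchservice.exe' = '%APPDATA%\SearchIndexer\desktopsearchservice.exe:*:Enabled:DesktopSearchService' (запись в списке разрешённых приложений брандмауэра Windows: для desktopsearchservice.exe включено исключение с областью действия «*», то есть для любых адресов)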
- '%APPDATA%\SearchIndexer\desktopsearchservice.exe' /param
- '%TEMP%\is-2ORDH.tmp\ModuleInno.tmp' /SL5="$40092,179828,118784,%APPDATA%\SearchIndexer\ModuleInno.exe" /VERYSILENT
- '%APPDATA%\SearchIndexer\ModuleInno.exe' /VERYSILENT
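- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: '(null)' (класс окна Sysinternals Process Monitor)
- ClassName: 'RegMonClass' WindowName: '(null)' (класс окна Sysinternals Regmon)
- ClassName: 'FileMonClass' WindowName: '(null)' (класс окна Sysinternals Filemon)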
- %TEMP%\nsy3.tmp\SimpleFC.dll
- %TEMP%\nsy3.tmp\System.dll
- %APPDATA%\SearchIndexer\zlib1.dll
- %TEMP%\is-2ORDH.tmp\ModuleInno.tmp
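- %ALLUSERSPROFILE%\Application Data\TEMP:44504F07 (судя по двоеточию в имени — альтернативный поток данных NTFS; в обычном списке файлов такой поток не отображается)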
- %APPDATA%\SearchIndexer\is-34D9M.tmp
- %TEMP%\is-TMO5E.tmp\_isetup\_shfoldr.dll
- %APPDATA%\SearchIndexer\ModuleInno.exe
- %TEMP%\nsy3.tmp\Processes.dll
- %TEMP%\nsn2.tmp
- %APPDATA%\SearchIndexer\desktopsearchservice.exe
- %APPDATA%\SearchIndexer\pthreadGC2.dll
- %APPDATA%\SearchIndexer\libcurl.dll
- %APPDATA%\SearchIndexer\libcurl-4.dll
- %TEMP%\is-TMO5E.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-2ORDH.tmp\ModuleInno.tmp
- %TEMP%\nsy3.tmp\System.dll
- %TEMP%\nsy3.tmp\Processes.dll
- %TEMP%\nsy3.tmp\SimpleFC.dll
- из %APPDATA%\SearchIndexer\is-34D9M.tmp в %APPDATA%\SearchIndexer\SearchIndexer.exe
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'