Техническая информация
Добавляет исполняемый файл в список разрешённых приложений брандмауэра Windows (профиль StandardProfile):
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%APPDATA%\SearchIndexer\desktopsearchservice.exe' = '%APPDATA%\SearchIndexer\desktopsearchservice.exe:*:Enabled:DesktopSearchService'
Командные строки запускаемых процессов (ключ /VERYSILENT — режим установки Inno Setup без отображения окон):
- '%APPDATA%\SearchIndexer\desktopsearchservice.exe' /inno
- '%TEMP%\is-C3FN6.tmp\ModuleInno.tmp' /SL5="$50036,5018480,118784,%APPDATA%\SearchIndexer\ModuleInno.exe" /VERYSILENT
- '%APPDATA%\SearchIndexer\ModuleInno.exe' /VERYSILENT
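Классы окон, соответствующие утилитам мониторинга Sysinternals (Process Monitor, RegMon, FileMon); поиск таких окон обычно служит для обнаружения средств анализа:
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: ''
- ClassName: 'RegMonClass' WindowName: ''
- ClassName: 'FileMonClass' WindowName: ''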
- %TEMP%\is-QMT0Q.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-C3FN6.tmp\ModuleInno.tmp
- %TEMP%\nsf3.tmp\SimpleFC.dll
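- %ALLUSERSPROFILE%\Application Data\TEMP:44504F07 (запись вида «имя:поток» обозначает альтернативный поток данных NTFS; он не отображается в обычном списке файлов, для проверки можно использовать dir /R)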
- %APPDATA%\SearchIndexer\is-NG6EA.tmp
- %APPDATA%\SearchIndexer\is-GSEC6.tmp
- %TEMP%\nsf3.tmp\System.dll
- %APPDATA%\SearchIndexer\ModuleInno.exe
- %TEMP%\nsf3.tmp\Processes.dll
- %TEMP%\nsz2.tmp
- %APPDATA%\SearchIndexer\pthreadVC2.dll
- %APPDATA%\SearchIndexer\desktopsearchservice.exe
- %APPDATA%\SearchIndexer\cudart32_60.dll
- %TEMP%\is-QMT0Q.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-C3FN6.tmp\ModuleInno.tmp
- %TEMP%\nsf3.tmp\System.dll
- %TEMP%\nsf3.tmp\Processes.dll
- %TEMP%\nsf3.tmp\SimpleFC.dll
Перемещение (переименование) файлов:
- из %APPDATA%\SearchIndexer\is-NG6EA.tmp в %APPDATA%\SearchIndexer\SearchIndexer2.exe
- из %APPDATA%\SearchIndexer\is-GSEC6.tmp в %APPDATA%\SearchIndexer\SearchIndexer1.exe
- ClassName: 'Shell_TrayWnd' WindowName: '' (класс окна панели задач Windows)