Technical Information
- [HKCU\software\Microsoft\windows\currentVersion\Run] 'HiSch' = '%ProgramFiles(x86)%\HiSearch\HSSearch.exe'
- %ProgramFiles(x86)%\hisearch\hssvcapp.exe
- %ProgramFiles(x86)%\hisearch\hssvcapp.tlb
- %ProgramFiles(x86)%\hisearch\hshelper.dll
- %ProgramFiles(x86)%\hisearch\hsuninst.exe
- %ProgramFiles(x86)%\hisearch\hsse.dat
- %ProgramFiles(x86)%\hisearch\hssearch.exe
- %ProgramFiles(x86)%\hisearch\hswhk.dll
- %ProgramFiles(x86)%\hisearch\hsskip.dat
- %APPDATA%\hisearch\hsse.dat
- %APPDATA%\hisearch\hsskip.dat
- DNS ASK hi###rchad.com
- '%ProgramFiles(x86)%\hisearch\hssvcapp.exe' /r
- '%WINDIR%\syswow64\regsvr32.exe' /s "%ProgramFiles(x86)%\HiSearch\HSHelper.dll"
- '%ProgramFiles(x86)%\hisearch\hssvcapp.exe' /r' (with hidden window)
- '%WINDIR%\syswow64\regsvr32.exe' /s "%ProgramFiles(x86)%\HiSearch\HSHelper.dll"' (with hidden window)