Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\ePaperPrintService] 'Start' = '00000002'
- '%PROGRAM_FILES%\EpsPrintClient\XYNTService.exe' -r ePaperPrintService
- '%PROGRAM_FILES%\EpsPrintClient\XYNTService.exe'
- '%PROGRAM_FILES%\EpsPrintClient\epsescfg.exe'
- '%PROGRAM_FILES%\EpsPrintClient\vpsrunh.exe' "%PROGRAM_FILES%\EpsPrintClient\XYNTService.exe" -r ePaperPrintService
- '%PROGRAM_FILES%\EpsPrintClient\ePsPrtCln.exe'
- '%PROGRAM_FILES%\EpsPrintClient\ActiveX\setup.exe' /S
- '%PROGRAM_FILES%\EpsPrintClient\ActiveX\regnetx.exe'
- '%PROGRAM_FILES%\EpsPrintClient\epscar.exe' "%PROGRAM_FILES%\EpsPrintClient\epsfnxgui.exe" /service
- '%PROGRAM_FILES%\EpsPrintClient\epsfnxgui.exe' /service
- '%PROGRAM_FILES%\EpsPrintClient\vpsrunh.exe' "%PROGRAM_FILES%\EpsPrintClient\XYNTService.exe" -k ePaperPrintService
- '%PROGRAM_FILES%\EpsPrintClient\vpsrunh.exe' "TSKILL" epsprtcln
- '%TEMP%\UAG\EPSClient.exe'
- '%HOMEPATH%\Desktop\vpchkadm.exe'
- '%PROGRAM_FILES%\EpsPrintClient\vpsrunh.exe' "TASKKILL" /im epsprtcln.exe /f
- '%PROGRAM_FILES%\EpsPrintClient\vpsrunh.exe' "%PROGRAM_FILES%\EpsPrintClient\XYNTService.exe" -i
- '%PROGRAM_FILES%\EpsPrintClient\XYNTService.exe' -i
- '%PROGRAM_FILES%\EpsPrintClient\vpsrunh.exe' "TSKILL" epsfnxgui
- '%PROGRAM_FILES%\EpsPrintClient\vpsrunh.exe' "TASKKILL" /im epsfnxgui.exe /f
- '<SYSTEM32>\msiexec.exe' /i%TEMP%\UAG\uag\EPSACT~1.MSI /qn
- '<SYSTEM32>\taskkill.exe' /im epsfnxgui.exe /f
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe' /silent /codebase <SYSTEM32>\EpsClnAx.dll
- '<SYSTEM32>\msiexec.exe' /V
- '<SYSTEM32>\tskill.exe' epsprtcln
- '%WINDIR%\regedit.exe' /s "%PROGRAM_FILES%\EpsPrintClient\epsprintclient.rgg"
- '<SYSTEM32>\tskill.exe' epsfnxgui
- '<SYSTEM32>\taskkill.exe' /im epsprtcln.exe /f
- %HOMEPATH%\Start Menu\Programs\EpsPrintClient\Run Client.lnk
- %PROGRAM_FILES%\EpsPrintClient\uninst.exe
- %HOMEPATH%\Start Menu\Programs\EpsPrintClient\Uninstall.lnk
- %PROGRAM_FILES%\EpsPrintClient\EpsPrintClient.url
- %WINDIR%\Temp\pstoprt.log
- %TEMP%\pstoprt.log
- C:\Config.Msi\32176.rbs
- %PROGRAM_FILES%\EpsPrintClient\ActiveX\setup.manifest
- %WINDIR%\Installer\MSI4.tmp
- %WINDIR%\Installer\32173.msi
- %PROGRAM_FILES%\EpsPrintClient\org\epshared.dll
- %PROGRAM_FILES%\EpsPrintClient\org\epsver.dll
- %PROGRAM_FILES%\EpsPrintClient\org\epsescfg.exe
- %PROGRAM_FILES%\EpsPrintClient\org\vpsrunh.exe
- %PROGRAM_FILES%\EpsPrintClient\org\vpsrvrst.exe
- %PROGRAM_FILES%\EpsPrintClient\org\EmfSplView.exe
- %PROGRAM_FILES%\EpsPrintClient\org\zlib1.dll
- %PROGRAM_FILES%\EpsPrintClient\XYNTService.log
- %PROGRAM_FILES%\EpsPrintClient\org\epunzip.dll
- %PROGRAM_FILES%\EpsPrintClient\org\epscfgrpl.exe
- %PROGRAM_FILES%\EpsPrintClient\org\myunzip.exe
- %TEMP%\CabB.tmp
- %TEMP%\CabD.tmp
- %TEMP%\Cab9.tmp
- <SYSTEM32>\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
- %TEMP%\Cab7.tmp
- %TEMP%\CabF.tmp
- %PROGRAM_FILES%\EpsPrintClient\ActiveX\org\regnetx.exe
- %PROGRAM_FILES%\EpsPrintClient\ActiveX\ePsPrintClient ActiveX.url
- %PROGRAM_FILES%\EpsPrintClient\ActiveX\org\epsclnax.dll
- %PROGRAM_FILES%\EpsPrintClient\ActiveX\org\setup.inf
- %PROGRAM_FILES%\EpsPrintClient\ActiveX\org\setup.cmd
- %PROGRAM_FILES%\EpsPrintClient\ActiveX\install.log
- %PROGRAM_FILES%\EpsPrintClient\ActiveX\setup.inf
- <SYSTEM32>\epsclnax.dll
- %PROGRAM_FILES%\EpsPrintClient\ActiveX\nsunins.exe
- %PROGRAM_FILES%\EpsPrintClient\ActiveX\setup.exe
- %PROGRAM_FILES%\EpsPrintClient\ActiveX\setup.cmd
- <SYSTEM32>\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004
- <SYSTEM32>\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
- <SYSTEM32>\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004
- %PROGRAM_FILES%\EpsPrintClient\ActiveX\epsclnax.dll
- %PROGRAM_FILES%\EpsPrintClient\ActiveX\regnetx.exe
- %PROGRAM_FILES%\EpsPrintClient\org\epscar.exe
- %PROGRAM_FILES%\EpsPrintClient\ePsPrtCln.exe
- %PROGRAM_FILES%\EpsPrintClient\epsfnxgui.exe
- %PROGRAM_FILES%\EpsPrintClient\epsprintclient.rgg
- %TEMP%\nsy2.tmp\System.dll
- %PROGRAM_FILES%\EpsPrintClient\vpsrunh.exe
- %PROGRAM_FILES%\EpsPrintClient\config.ini
- %PROGRAM_FILES%\EpsPrintClient\pstoprt.dll
- %PROGRAM_FILES%\EpsPrintClient\XYNTService.exe
- %PROGRAM_FILES%\EpsPrintClient\pslzma.dll
- %PROGRAM_FILES%\EpsPrintClient\mylzma.exe
- %PROGRAM_FILES%\EpsPrintClient\SafeDel.exe
- %TEMP%\UAG\ActiveX.txt
- %TEMP%\spltmp.bmp
- %TEMP%\UAG\uag\EPSActiveX.msi
- %TEMP%\UAG\EPSClient.exe
- %TEMP%\UAG\uag\ClnSetupProd.exe
- %TEMP%\nsy2.tmp\ioSpecial.ini
- %PROGRAM_FILES%\EpsPrintClient\install.log
- %TEMP%\nsz3.tmp
- %HOMEPATH%\Desktop\vpchkadm.exe
- %TEMP%\nsy2.tmp\modern-wizard.bmp
- %TEMP%\nsy2.tmp\InstallOptions.dll
- %PROGRAM_FILES%\EpsPrintClient\org\config.ini
- %PROGRAM_FILES%\EpsPrintClient\org\mylzma.exe
- %PROGRAM_FILES%\EpsPrintClient\org\repltask.exe
- %PROGRAM_FILES%\EpsPrintClient\zlib1.dll
- %PROGRAM_FILES%\EpsPrintClient\org\ePsPrtCln.exe
- %PROGRAM_FILES%\EpsPrintClient\org\SafeDel.exe
- %PROGRAM_FILES%\EpsPrintClient\org\XYNTService.ini
- %PROGRAM_FILES%\EpsPrintClient\org\epsfnxgui.exe
- %PROGRAM_FILES%\EpsPrintClient\org\XYNTService.exe
- %PROGRAM_FILES%\EpsPrintClient\org\pslzma.dll
- %PROGRAM_FILES%\EpsPrintClient\org\pstoprt.dll
- %PROGRAM_FILES%\EpsPrintClient\epsescfg.exe
- %PROGRAM_FILES%\EpsPrintClient\epshared.dll
- %PROGRAM_FILES%\EpsPrintClient\vpsrvrst.exe
- %PROGRAM_FILES%\EpsPrintClient\XYNTService.ini
- %PROGRAM_FILES%\EpsPrintClient\epscar.exe
- %PROGRAM_FILES%\EpsPrintClient\epsver.dll
- %PROGRAM_FILES%\EpsPrintClient\myunzip.exe
- %PROGRAM_FILES%\EpsPrintClient\epunzip.dll
- %PROGRAM_FILES%\EpsPrintClient\epscfgrpl.exe
- %PROGRAM_FILES%\EpsPrintClient\repltask.exe
- %PROGRAM_FILES%\EpsPrintClient\EmfSplView.exe
- %WINDIR%\Installer\MSI4.tmp
- %TEMP%\CabF.tmp
- %TEMP%\CabD.tmp
- %WINDIR%\Installer\32175.ipi
- %WINDIR%\Installer\32173.msi
- C:\Config.Msi\32176.rbs
- %TEMP%\nsz3.tmp
- %HOMEPATH%\Desktop\vpchkadm.exe
- %TEMP%\spltmp.bmp
- %TEMP%\CabB.tmp
- %TEMP%\Cab9.tmp
- %TEMP%\Cab7.tmp
- 'www.download.windowsupdate.com':80
- 'wp#d':80
- '25#.#55.255.255':1660
- www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
- www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt
- wp#d/wpad.dat
- DNS ASK www.download.windowsupdate.com
- DNS ASK wp#d
- ClassName: 'TrayNotifyWnd' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'ToolbarWindow32' WindowName: ''
- ClassName: 'SysPager' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: '#32770' WindowName: ''