Technical Information
- '<SYSTEM32>\regsvr32.exe' %WINDIR%\Downloaded Program Files\rsclientprint.dll /s
- '<SYSTEM32>\regsvr32.exe' <SYSTEM32>\IDC_WEB_Fhj.ocx /s
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1A03' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1A02' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1A00' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1A06' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1A05' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1A04' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1807' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1806' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1805' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '180D' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1809' = '00000003'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1808' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1A10' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '2000' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '2300' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '2201' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '2107' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '2004' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '2001' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '2100' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1E05' = '00030000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1C00' = '00030000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '2200' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '2102' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '2101' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1804' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1206' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1201' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1200' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1402' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1400' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1207' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] 'RecommendedLevel' = '00010000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] 'MinLevel' = '00010000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] 'CurrentLevel' = '00010000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1004' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1001' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] 'Flags' = '00000043'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1405' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1609' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1608' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1607' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1803' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1802' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1800' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1601' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1407' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1406' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1606' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1605' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1604' = '00000000'
- %WINDIR%\Downloaded Program Files\rsclientprint_1046.rll
- %TEMP%\autF.tmp
- %TEMP%\aut10.tmp
- %TEMP%\aut11.tmp
- %WINDIR%\Downloaded Program Files\rsclientprint_1042.rll
- %WINDIR%\Downloaded Program Files\rsclientprint_1049.rll
- %WINDIR%\Downloaded Program Files\rsclientprint_3082.rll
- %TEMP%\autC.tmp
- %TEMP%\autD.tmp
- %TEMP%\autE.tmp
- %WINDIR%\Downloaded Program Files\rsclientprint_2052.rll
- %TEMP%\aut15.tmp
- %WINDIR%\Downloaded Program Files\rsclientprint_1033.rll
- %WINDIR%\Downloaded Program Files\rsclientprint_1031.rll
- %WINDIR%\Downloaded Program Files\rsclientprint_1028.rll
- %TEMP%\aut16.tmp
- %TEMP%\aut14.tmp
- %TEMP%\aut12.tmp
- %WINDIR%\Downloaded Program Files\rsclientprint_1041.rll
- %WINDIR%\Downloaded Program Files\rsclientprint_1040.rll
- %WINDIR%\Downloaded Program Files\rsclientprint_1036.rll
- %TEMP%\aut13.tmp
- <SYSTEM32>\Termb.dll
- %TEMP%\aut4.tmp
- %TEMP%\aut5.tmp
- %TEMP%\aut6.tmp
- <SYSTEM32>\sdtapi.dll
- C:\termb.lic
- %TEMP%\USBDrv.inf
- %TEMP%\aut1.tmp
- %TEMP%\aut2.tmp
- %TEMP%\aut3.tmp
- %TEMP%\USBDrv.sys
- %TEMP%\autA.tmp
- <SYSTEM32>\IDC_WEB_Fhj.ocx
- %WINDIR%\Downloaded Program Files\RSClientPrint-x86.inf
- %WINDIR%\Downloaded Program Files\rsclientprint.dll
- %TEMP%\autB.tmp
- %TEMP%\aut9.tmp
- %TEMP%\aut7.tmp
- <SYSTEM32>\sdtapi_sdt.dll
- <SYSTEM32>\WltRS.dll
- <SYSTEM32>\CVRApi.dll
- %TEMP%\aut8.tmp
- %TEMP%\autF.tmp
- %TEMP%\aut10.tmp
- %TEMP%\autE.tmp
- %TEMP%\autC.tmp
- %TEMP%\autD.tmp
- %TEMP%\aut11.tmp
- %TEMP%\aut15.tmp
- %TEMP%\aut16.tmp
- %TEMP%\aut14.tmp
- %TEMP%\aut12.tmp
- %TEMP%\aut13.tmp
- %TEMP%\aut4.tmp
- %TEMP%\aut5.tmp
- %TEMP%\aut3.tmp
- %TEMP%\aut1.tmp
- %TEMP%\aut2.tmp
- %TEMP%\aut6.tmp
- %TEMP%\autA.tmp
- %TEMP%\autB.tmp
- %TEMP%\aut9.tmp
- %TEMP%\aut7.tmp
- %TEMP%\aut8.tmp
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'