用户服务中心

Close

Library
My library

+ Add to library

Search
Search

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

A query form

Call us

+7 (495) 789-45-86

Forum

Your tickets

New ticket

Call us

+7 (495) 789-45-86

Profile

CN

RU CN DE EN ES FR IT JP KZ UZ PL BY
Close
服务
扫描仪
Dr.Web vxCube
试用
计算机病毒事件调查
病毒知识库
知识库

技术

术语

教育培训

误区

新闻

Trojan.Siggen13.380

Added to the Dr.Web virus database: 2021-04-02

Virus description added:

Technical Information

Modifies file system
Creates the following files
  • %TEMP%\extae2a.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete54b.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete56b.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete5aa.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete5bb.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete5cb.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete5dc.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete5fc.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete61c.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete63d.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete65d.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete67d.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete68e.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete6ae.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete6df.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3c5d.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete6ef.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete70f.tmp
  • <SYSTEM32>\spool\drivers\x64\sete720.tmp
  • <SYSTEM32>\spool\drivers\x64\sete740.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3581.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set366c.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3728.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3803.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set38df.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set398b.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3a38.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3af4.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3ba1.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete53a.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete6be.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete51a.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete2b8.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete183.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete193.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete1b3.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete1c4.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete1d5.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete1e5.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete205.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete226.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete236.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete247.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete257.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete287.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete298.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete2c9.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete49b.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete2e9.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete309.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete31a.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete33a.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete35a.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete37a.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete38b.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete3ab.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete3bc.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete3dc.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete3fc.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete40d.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete43c.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete4ea.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4b3e.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set727b.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3ee0.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set59f0.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5a9c.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5ba7.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5cb1.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5dab.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5ea6.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5f62.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set601e.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set60cb.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set61b6.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6282.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set637c.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6487.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set666c.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3df5.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6719.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6813.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set691e.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set69e9.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6ac5.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6ba0.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6c5c.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6d19.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6e04.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6eb0.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6fab.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set7067.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set7133.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set58c6.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete162.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set57db.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4a91.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3f9c.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set40a6.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set41c0.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set429b.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set43a5.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4490.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set453d.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set45f9.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set46c5.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4791.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set484d.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4938.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set49e5.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3d19.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5605.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4c19.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4cd5.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4db1.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4e6d.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4f1a.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4fd6.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set50b1.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set518d.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5239.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set52e6.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set53b2.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set547d.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5549.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set56f0.tmp
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set65a0.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete142.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\setdef0.tmp
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_dge641.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_dm1ccx.lm_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_doka02.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_dp131a.da_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_dp70ce.pr_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gaudf1.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gcon04.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gdsl30.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gepe30.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gf1cxa.cat
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gf1cxa.inf
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gha770.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_ghmm59.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gi1cxn.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_h5uiab.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_giptre.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gircd4.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gjl724.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gm1cxa.vi_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gmal31.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_goka02.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gppl06.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gpul04.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gsc0xe.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gsc1xe.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gu3cxn.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gupa20.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gupa2e.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_dd1cxa.cf_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gi0cxe.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_daudf1.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_05.ic_
  • %TEMP%\plfae19.tmp
  • %TEMP%\pftaef6~tmp\pftw1.pkg
  • %TEMP%\pftaef6~tmp\winvista_xp64\ebapi5.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ebapix32.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ebapix64.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ebpbidi.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ebpmonb.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ebpshre4.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ecbtegb.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_01.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_02.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_03.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_04.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_06.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\eputy48b.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_07.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_08.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_09.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_10.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_11.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427__3.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\epipgi20.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\epipgi30.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\epiuiecx.ch_
  • %TEMP%\pftaef6~tmp\winvista_xp64\epset32.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\epset64.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\epupdate.da_
  • %TEMP%\pftaef6~tmp\winvista_xp64\epupdate.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\eputy48b.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\setup\oeminf.exe
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete121.tmp
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s40mtb.ex_
  • %WINDIR%\syswow64\epsptdve.exe
  • %WINDIR%\syswow64\epprtdrv_001.cab
  • %WINDIR%\syswow64\epsmtl32_000.cab
  • %TEMP%\epstpa64_000.exe
  • %TEMP%\epsdiw64_000.exe
  • %TEMP%\epdevmgr.dll
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\setde4d.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\setde5e.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\setde6e.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\setde8e.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\setdeaf.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\setdebf.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\setded0.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\setdf20.tmp
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_h8e0xb.dl_
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\setdf40.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\setdf70.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\setdf90.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\setdfc0.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\setdff0.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete01f.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete04f.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete06f.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete09f.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete0bf.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete0d0.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete0f0.tmp
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete101.tmp
  • %WINDIR%\syswow64\epispc98.exe
  • %ProgramFiles%\epson\printerdrivertemp\spr2880\sete132.tmp
  • %WINDIR%\syswow64\epscmins.dll
  • %TEMP%\pftaef6~tmp\winvista_xp64\setup\epsetup.eif
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s40rnb.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s40rp7.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s40sob.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s890xb.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s8b0xb.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s8e2xb.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s8i0xb.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s8x2xb.da_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_sagset.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_siins1.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_sku327.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_sku64b.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\sagent4.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_h8b0xb.dl_
  • %ALLUSERSPROFILE%\microsoft\windows\templates\epstplog.txt
  • %TEMP%\pftaef6~tmp\winvista_xp64\setup\rescan.exe
  • %TEMP%\pftaef6~tmp\winvista_xp64\setup\setup64.dat
  • %TEMP%\pftaef6~tmp\winvista_xp64\setup\setup64.exe
  • %WINDIR%\syswow64\epstp64u_000.cab
  • %WINDIR%\syswow64\epsui64w_000.exe
  • %WINDIR%\syswow64\epsmtl64w_000.dll
  • %WINDIR%\syswow64\epsetup_000.cab
  • %WINDIR%\syswow64\epsptdve_000.exe
  • %WINDIR%\syswow64\epinstu.exe
  • %WINDIR%\syswow64\epprtdrv_000.cab
  • %WINDIR%\syswow64\epsmtl32.dll
  • %WINDIR%\syswow64\epsui64w_000.dat
  • %TEMP%\eps_icon_000.avi
  • %WINDIR%\syswow64\epsetup_001.cab
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set7366.tmp
Deletes the following files
  • %TEMP%\extae2a.tmp
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_09.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_10.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_11.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427__3.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\epipgi20.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\epipgi30.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\epiuiecx.ch_
  • %TEMP%\pftaef6~tmp\winvista_xp64\epset32.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\epupdate.da_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_dp131a.da_
  • %TEMP%\pftaef6~tmp\winvista_xp64\epupdate.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\eputy48b.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\eputy48b.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_daudf1.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_dd1cxa.cf_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_dge641.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_dm1ccx.lm_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_doka02.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_08.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\epset64.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_07.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ebapix32.ex_
  • %WINDIR%\syswow64\epsmtl64w_000.dll
  • %WINDIR%\syswow64\epsmtl32.dll
  • %WINDIR%\syswow64\epsui64w_000.dat
  • %WINDIR%\syswow64\epstp64u_000.cab
  • %WINDIR%\syswow64\epsetup_000.cab
  • %WINDIR%\syswow64\epprtdrv_000.cab
  • %TEMP%\plfae19.tmp
  • %TEMP%\pftaef6~tmp\winvista_xp64\ebapi5.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ebapix64.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_05.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ebpbidi.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ebpmonb.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ebpshre4.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ecbtegb.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_01.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_02.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_03.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_04.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\ee427_06.ic_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_dp70ce.pr_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gaudf1.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gcon04.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s40mtb.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s40rnb.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s40rp7.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s40sob.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s890xb.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s8b0xb.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s8e2xb.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_h8b0xb.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_h8e0xb.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s8i0xb.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_siins1.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_sku327.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_sku64b.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\sagent4.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\setup\epsetup.eif
  • %TEMP%\pftaef6~tmp\winvista_xp64\setup\oeminf.exe
  • %TEMP%\pftaef6~tmp\winvista_xp64\setup\rescan.exe
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_s8x2xb.da_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_sagset.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_h5uiab.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gupa2e.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gupa20.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gepe30.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gf1cxa.cat
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gf1cxa.inf
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gha770.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_ghmm59.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gi0cxe.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gi1cxn.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_giptre.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gdsl30.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gircd4.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gm1cxa.vi_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gmal31.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_goka02.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gppl06.ex_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gpul04.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gsc0xe.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gsc1xe.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gu3cxn.dl_
  • %TEMP%\pftaef6~tmp\winvista_xp64\e_gjl724.dl_
  • %WINDIR%\syswow64\epsptdve_000.exe
  • %TEMP%\pftaef6~tmp\winvista_xp64\setup\setup64.dat
  • %WINDIR%\syswow64\epsui64w_000.exe
  • %WINDIR%\syswow64\epprtdrv_001.cab
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\epipgi30.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\epiuiecx.chm
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\epset32.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\epset64.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\epupdate.dat
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\epupdate.exe
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\eputy48b.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\eputy48b.exe
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_dd1cxa.cfg
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gepe30.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_dge641.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_dm1ccx.lmd
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_doka02.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_dp131a.dat
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_dp70ce.prm
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gaudf1.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gcon04.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gdsl30.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\epipgi20.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_daudf1.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427__3.icm
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ecbtegb.dll
  • %TEMP%\pftaef6~tmp\pftw1.pkg
  • %WINDIR%\syswow64\epinstu.exe
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ebapi5.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ebapix32.exe
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ebapix64.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ebpbidi.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ebpmonb.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ebpshre4.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_01.icm
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_10.icm
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_02.icm
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_03.icm
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_04.icm
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_05.icm
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_06.icm
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_07.icm
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_08.icm
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_09.icm
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_11.icm
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gf1cxa.cat
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gf1cxa.inf
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gha770.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s8b0xb.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s8e2xb.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s8i0xb.exe
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s8x2xb.dat
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_sagset.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_siins1.exe
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_sku327.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s40sob.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s890xb.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_sku64b.dll
  • %WINDIR%\syswow64\epsmtl32_000.cab
  • %TEMP%\epsdiw64_000.exe
  • <SYSTEM32>\epdevmgr.dll
  • %WINDIR%\syswow64\epscmins.dll
  • %WINDIR%\syswow64\epispc98.exe
  • %WINDIR%\syswow64\epsptdve.exe
  • %WINDIR%\syswow64\epsetup_001.cab
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\sagent4.exe
  • %TEMP%\epstpa64_000.exe
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s40rp7.exe
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s40rnb.exe
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s40mtb.exe
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gi0cxe.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gi1cxn.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_giptre.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gircd4.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gjl724.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gm1cxa.vif
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gmal31.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_goka02.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_ghmm59.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gppl06.exe
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gsc0xe.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gsc1xe.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gu3cxn.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gupa20.exe
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gupa2e.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_h5uiab.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_h8b0xb.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_h8e0xb.dll
  • %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gpul04.dll
  • %TEMP%\eps_icon_000.avi
  • %TEMP%\pftaef6~tmp\winvista_xp64\setup\setup64.exe
Moves the following files
  • from %ALLUSERSPROFILE%\microsoft\windows\templates\epstplog.txt to %ALLUSERSPROFILE%\microsoft\windows\templates\epstplog.bak
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set46c5.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gpul04.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4791.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s8e2xb.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set484d.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\epipgi20.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4938.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\epipgi30.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set49e5.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gppl06.exe
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3af4.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gepe30.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4a91.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s40rnb.exe
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4c19.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ebapix64.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4cd5.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ebpmonb.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4db1.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s40mtb.exe
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4e6d.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ebapix32.exe
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4f1a.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s8i0xb.exe
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4fd6.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_dd1cxa.cfg
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4490.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_ghmm59.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set4b3e.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_sku64b.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set45f9.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s40sob.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set453d.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s8b0xb.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set43a5.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_dp70ce.prm
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set429b.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gupa20.exe
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set366c.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gjl724.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3728.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s890xb.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3803.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_sku327.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set38df.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s40rp7.exe
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set398b.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\sagent4.exe
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set50b1.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_s8x2xb.dat
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3a38.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_doka02.dll
  • from <SYSTEM32>\spool\drivers\x64\sete720.tmp to <SYSTEM32>\spool\drivers\x64\epupdate.exe
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3ba1.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_goka02.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3d19.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ecbtegb.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3df5.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gcon04.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3ee0.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ebpbidi.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3f9c.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_h8b0xb.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set40a6.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gdsl30.dll
  • from <SYSTEM32>\spool\drivers\x64\sete740.tmp to <SYSTEM32>\spool\drivers\x64\epupdate.dat
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set41c0.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_h8e0xb.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3c5d.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gmal31.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set3581.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gha770.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set518d.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_daudf1.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set547d.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gi0cxe.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set666c.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_11.icm
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6719.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_03.icm
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6813.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_04.icm
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set691e.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_05.icm
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set69e9.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_06.icm
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6ac5.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_07.icm
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6282.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\epupdate.exe
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6ba0.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_08.icm
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6d19.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ebapi5.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6e04.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427__3.icm
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6eb0.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\epset32.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6fab.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_dp131a.dat
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set7067.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\epset64.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set7133.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_dge641.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6487.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_10.icm
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set65a0.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_02.icm
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set637c.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_01.icm
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set61b6.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\epiuiecx.chm
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete33a.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gi1cxn.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5549.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_dm1ccx.lmd
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5605.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\eputy48b.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set56f0.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gupa2e.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set57db.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\eputy48b.exe
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set58c6.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gi1cxn.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5239.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gaudf1.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set53b2.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_h5uiab.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set52e6.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gircd4.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set59f0.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gm1cxa.vif
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5dab.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ebpshre4.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5ea6.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_siins1.exe
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5f62.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_sagset.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set601e.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_giptre.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set60cb.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\epupdate.dat
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5a9c.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gsc0xe.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5ba7.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gsc1xe.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set5cb1.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gu3cxn.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete70f.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\sagent4.exe
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete6ef.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_sku64b.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete6df.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_sku327.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete0d0.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\epipgi20.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete0f0.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\epipgi30.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete101.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\epiuiecx.chm
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete121.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\epset32.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete132.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\epset64.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete142.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\epupdate.dat
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete226.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_dp131a.dat
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete162.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\epupdate.exe
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete193.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\eputy48b.exe
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete1b3.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_daudf1.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete1c4.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_dd1cxa.cfg
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete1d5.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_dge641.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete1e5.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_dm1ccx.lmd
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete06f.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ee427_10.icm
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete04f.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ee427_09.icm
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete0bf.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ee427__3.icm
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete01f.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ee427_08.icm
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\setdff0.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ee427_07.icm
  • from %WINDIR%\syswow64\epinstu.exe to %TEMP%\epinstu.exe
  • from %TEMP%\epdevmgr.dll to <SYSTEM32>\epdevmgr.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\setde4d.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ebapi5.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\setde5e.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ebapix32.exe
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\setde6e.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ebapix64.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\setde8e.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ebpbidi.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete205.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_doka02.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\setdeaf.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ebpmonb.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete183.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\eputy48b.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\setded0.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ecbtegb.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\setdf20.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ee427_02.icm
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\setdf40.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ee427_03.icm
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\setdf70.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ee427_04.icm
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\setdf90.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ee427_05.icm
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\setdfc0.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ee427_06.icm
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\setdebf.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ebpshre4.dll
  • from %WINDIR%\syswow64\epsmtl32.dll to %TEMP%\epsmtl32.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\setdef0.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ee427_01.icm
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete09f.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\ee427_11.icm
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete236.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_dp70ce.prm
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete51a.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gupa20.exe
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete54b.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_h5uiab.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete56b.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_h8b0xb.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete5aa.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_h8e0xb.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete5bb.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_s40mtb.exe
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete5cb.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_s40rnb.exe
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete4ea.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gu3cxn.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete247.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gaudf1.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete53a.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gupa2e.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete5dc.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_s40rp7.exe
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete65d.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_s8e2xb.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete67d.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_s8i0xb.exe
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete68e.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_s8x2xb.dat
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete6ae.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_sagset.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete6be.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_siins1.exe
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete5fc.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_s40sob.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete61c.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_s890xb.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete63d.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_s8b0xb.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set6c5c.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\ee427_09.icm
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set727b.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gf1cxa.cat
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete40d.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gpul04.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete287.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gdsl30.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete298.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gepe30.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete2b8.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gf1cxa.cat
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete2c9.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gf1cxa.inf
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete2e9.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gha770.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete309.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_ghmm59.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete43c.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gsc0xe.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete49b.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gsc1xe.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete31a.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gi0cxe.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete37a.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gircd4.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete38b.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gjl724.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete3ab.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gm1cxa.vif
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete3bc.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gmal31.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete3dc.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_goka02.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete3fc.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gppl06.exe
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete257.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_gcon04.dll
  • from %ProgramFiles%\epson\printerdrivertemp\spr2880\sete35a.tmp to %ProgramFiles%\epson\printerdrivertemp\spr2880\e_giptre.dll
  • from %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\set7366.tmp to %TEMP%\{2a733eb1-67a6-44ef-2deb-8f0f8645932c}\e_gf1cxa.inf
Substitutes the following files
  • %ALLUSERSPROFILE%\microsoft\windows\templates\epstplog.txt
  • %WINDIR%\syswow64\epinstu.exe
  • %WINDIR%\syswow64\epsmtl32.dll
Miscellaneous
Creates and executes the following
  • '%TEMP%\pftaef6~tmp\winvista_xp64\setup\setup64.exe'
  • '%WINDIR%\syswow64\epsui64w_000.exe' "%TEMP%\pftAEF6~tmp\WINVISTA_XP64\SETUP\SETUP64.EXE" /y:"%TEMP%\pftAEF6~tmp\WINVISTA_XP64\SETUP\SETUP64.EXE"
  • '%TEMP%\epstpa64_000.exe' /HWND:1a0218 /LPARAM:0
  • '%TEMP%\pftaef6~tmp\winvista_xp64\setup\oeminf.exe' /INF:"%ProgramFiles%\EPSON\PrinterDriverTemp\SPR2880\E_GF1CXA.INF"
  • '%TEMP%\pftaef6~tmp\winvista_xp64\setup\rescan.exe' 0
  • '%TEMP%\pftaef6~tmp\winvista_xp64\setup\setup64.exe' ' (with hidden window)
  • '%TEMP%\epstpa64_000.exe' /HWND:1a0218 /LPARAM:0' (with hidden window)

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and removable media you use. More about Dr.Web Security Space.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk , mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.
Free trial

 

Download Dr.Web

Download by serial number

Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

Free trial

 

Download Dr.Web

Download by serial number

Download on App Store

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

 

Download Dr.Web

Download by serial number

  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web for Android onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android

Free trial

14 days

Download now
Get it on Google Play
Wechat