Technical Information
- [<HKLM>\System\CurrentControlSet\Services\ADSchemeIntegrity] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\ADSchemeIntegrity] 'ImagePath' = 'c:\l9ykzuaKVEZx5.exe'
- [<HKLM>\System\CurrentControlSet\Services\ADSchemeIntegrity] 'ImagePath' = '%WINDIR%\ADSchemeIntegrity.exe'
- 'ADSchemeIntegrity' c:\l9ykzuaKVEZx5.exe
- 'ADSchemeIntegrity' %WINDIR%\ADSchemeIntegrity.exe
- %WINDIR%\adschemeintegrity.exe
- %WINDIR%\inf\backport.inf
- '%WINDIR%\adschemeintegrity.exe'