PUP.DriverDoc, RinoReader

by ezclean posted Feb 04, 2021

PUP.DriverDoc


*file
C:\windows\tasks\driverdoc_updates.job
C:\windows\system32\tasks\driverdocrunatstartup
C:\windows\system32\tasks\driverdoc_updates
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driverdoc\uninstall driverdoc.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driverdoc\register driverdoc.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driverdoc\driverdoc.lnk
C:\Program Files\driverdoc\updater\extract\readme.txt
C:\Program Files\driverdoc\updater\extract\license.txt
C:\Program Files\driverdoc\updater\extract\history.txt
C:\Program Files\driverdoc\updater\extract\copying.txt
C:\Program Files\driverdoc\updater\extract\7z.exe
C:\Program Files\driverdoc\updater\amd64helper\driverupdatehelper64.manifest
C:\Program Files\driverdoc\updater\amd64helper\driverupdatehelper64.exe
C:\Program Files\driverdoc\updater\amd64helper\difxapi.dll
C:\Program Files\driverdoc\unrar.dll
C:\Program Files\driverdoc\unins000.msg
C:\Program Files\driverdoc\unins000.exe
C:\Program Files\driverdoc\unins000.dat
C:\Program Files\driverdoc\isxdl.dll
C:\Program Files\driverdoc\install_left_image.bmp
C:\Program Files\driverdoc\difxapi64.dll
C:\Program Files\driverdoc\difxapi.dll


*reg_key
HKCU\SOFTWARE\Classes\local settings\SOFTWARE\Microsoft\Windows\CurrentVersion\appcontainer\storage\microsoft.microsoftedge_8wekyb3d8bbwe\children\001\internet explorer\domstorage\solvusoft.com
HKCU\SOFTWARE\Classes\local settings\SOFTWARE\Microsoft\Windows\CurrentVersion\appcontainer\storage\microsoft.microsoftedge_8wekyb3d8bbwe\children\001\internet explorer\domstorage\www.solvusoft.com
HKCU\SOFTWARE\Classes\local settings\SOFTWARE\Microsoft\Windows\CurrentVersion\appcontainer\storage\microsoft.microsoftedge_8wekyb3d8bbwe\children\001\internet explorer\edpdomstorage\solvusoft.com
HKCU\SOFTWARE\Classes\local settings\SOFTWARE\Microsoft\Windows\CurrentVersion\appcontainer\storage\microsoft.microsoftedge_8wekyb3d8bbwe\children\001\internet explorer\edpdomstorage\www.solvusoft.com
HKCU\software\solvusoft
HKLM\software\solvusoft
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\uninstall\driverdoc_is1
HKLM\software\microsoft\windows nt\currentversion\schedule\taskcache\tasks\{61315e31-e3c7-4130-b3e5-e26992a02766}
HKLM\software\microsoft\windows nt\currentversion\schedule\taskcache\tasks\{d40a5e68-e7d9-4cda-b302-01a8b6ca1a2b}
HKLM\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\driverdoc_updates
HKLM\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\driverdocrunatstartup
HKLM\software\microsoft\windows nt\currentversion\schedule\compatibilityadapter\signatures:driverdoc_updates.job
HKLM\software\microsoft\windows nt\currentversion\schedule\compatibilityadapter\signatures:driverdoc_updates.job.fp



PUP.RinoReader

 

*file
C:\Users\{USERNAME}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RinoReader\Uninstall.lnk
C:\Users\{USERNAME}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RinoReader\RinoReader.lnk
C:\Program Files\RinoReader\RinoReader.exe


*reg_key
HKCU\Software\RinoReader
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\RinoReader.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RinoReader

 
