PUA.Win32.InstallCore.USMANGAHAP
Win32/InstallCore.AYH potentially unwanted application(NOD32);
Plataforma:
Windows
Classificao do risco total:
Potencial de dano:
Potencial de distribuição:
infecção relatada:
Exposição das informações:
Baixo
Medium
Alto
Crítico
Tipo de grayware:
Potentially Unwanted Application
Destrutivo:
Não
Criptografado:
Não
In the Wild:
Sim
Visão geral
Detalhes técnicos
Tipo de compactação: 2,333,560 bytes
Tipo de arquivo: EXE
Residente na memória: Sim
Data de recebimento das amostras iniciais: 30 julho 2019
Installation
Schleust die folgenden Dateien ein:
- %Program Files%\DriverDoc\unins000.exe
- %Program Files%\DriverDoc\Solvusoftdd.exe
- %Program Files%\DriverDoc\install_left_image.bmp
- %Program Files%\DriverDoc\isxdl.dll
- %Program Files%\DriverDoc\unrar.dll
- %Program Files%\DriverDoc\difxapi.dll
- %Program Files%\DriverDoc\difxapi64.dll
- %Program Files%\DriverDoc\updater\amd64Helper\DriverUpdateHelper64.exe
- %Program Files%\DriverDoc\updater\amd64Helper\DriverUpdateHelper64.manifest
- %Program Files%\DriverDoc\updater\amd64Helper\difxapi.dll
- %Program Files%\DriverDoc\updater\extract\7z.exe
- %Program Files%\DriverDoc\updater\extract\7z.dll
- %Program Files%\DriverDoc\updater\extract\History.txt
- %Program Files%\DriverDoc\updater\extract\copying.txt
- %Program Files%\DriverDoc\updater\extract\license.txt
- %Program Files%\DriverDoc\updater\extract\readme.txt
- %Program Files%\DriverDoc\Chinese_rcp.ini
- %Program Files%\DriverDoc\Danish_rcp.ini
- %Program Files%\DriverDoc\Dutch_rcp.ini
- %Program Files%\DriverDoc\eng_rcp.ini
- %Program Files%\DriverDoc\French_rcp.ini
- %Program Files%\DriverDoc\German_rcp.ini
- %Program Files%\DriverDoc\Italian_rcp.ini
- %Program Files%\DriverDoc\Japanese_rcp.ini
- %Program Files%\DriverDoc\Norwegian_rcp.ini
- %Program Files%\DriverDoc\Portuguese_rcp.ini
- %Program Files%\DriverDoc\Spanish_rcp.ini
- %Program Files%\DriverDoc\Swedish_rcp.ini
- %Program Files%\DriverDoc\Finnish_rcp_fi.ini
- %Program Files%\DriverDoc\russian_rcp_ru.ini
- %Program Files%\DriverDoc\unins000.msg
- %Program Files%\DriverDoc\unins000.dat
- %Common Programs%\DriverDoc\DriverDoc.lnk
- %Common Programs%\DriverDoc\Register DriverDoc.lnk
- %Common Programs%\DriverDoc\Uninstall DriverDoc.lnk
- %Desktop%\DriverDoc.lnk
(Hinweis: %Program Files%ist der Standardordner 'Programme', normalerweise C:\Programme.. %Desktop% ist der Ordner 'Desktop' für den aktuellen Benutzer, normalerweise C:\Windows\Profile\{Benutzername}\Desktop unter Windows 98 und ME, C:\WINNT\Profile\{Benutzername}\Desktop unter Windows NT, C:\Dokumente und Einstellungen\{Benutzername}\Desktop unter Windows 2000(32-bit), XP und Server 2003(32-bit) und C:\Users\{Benutzername}\Desktop unter Windows Vista, 7, 8, 8.1, 2008(64-bit), 2012(64-bit) und 10(64-bit).)
Andere Details
Fügt die folgenden Zeilen oder Registrierungseinträge als Teil der eigenen Installationsroutine hinzu:
- HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
utm_source = "solvusoft" - HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
utm_campaign = "default" - HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
utm_medium = "newbuild" - HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
BuyNowURL = "http://www.solvusoft.com/{LANG}/driverdoc/purchase/?ver=ddsystwk152&utm_source=solvusoft&utm_campaign=default&utm_medium=newbuild" - HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
RenewNowURL = "http://www.solvusoft.com/{LANG}/driverdoc/renew/?ver=ddsystwk152&utm_source=solvusoft&utm_campaign=default&utm_medium=newbuild" - HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
CompanyWebsiteURL = "" - HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
HelpURLINT = "" - HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
HelpURLDE = "" - HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
SupportURL = "https://support.solvusoft.com" - HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc
StartAutoScanPMUI = "1" - HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc
StartAutoScanOnLaunch = "0" - HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc
StartAutoTutorial = "1" - HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc
TrialType = "0" - HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
MaxFixLimit = "50" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
Inno Setup: Setup Version = "5.5.1 (u)" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
Inno Setup: App Path = "%Program Files%\DriverDoc" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
InstallLocation = "%Program Files%\DriverDoc\" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
Inno Setup: Icon Group = "DriverDoc" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
Inno Setup: User = "dyituser_732" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
Inno Setup: Language = "en" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
DisplayName = "DriverDoc" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
DisplayIcon = "%Program Files%\DriverDoc\Solvusoftdd.exe" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
UninstallString = ""%Program Files%\DriverDoc\unins000.exe"" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
QuietUninstallString = ""%Program Files%\DriverDoc\unins000.exe" /SILENT" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
DisplayVersion = "1.52.1086.14425" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
Publisher = "Solvusoft Corporation" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
NoModify = "1" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
NoRepair = "1" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
InstallDate = "20190805" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
MajorVersion = "1" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
MinorVersion = "52" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
EstimatedSize = "14333" - HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc
InstalledPath = "%Program Files%\DriverDoc" - HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
InstalledPath = "%Program Files%\DriverDoc" - HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc\LANG
LangCode = "en" - HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc\LANG
LangID = "0" - HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc\LANG
LangID = "0" - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
UninstallString = ""%Program Files%\DriverDoc\unins000.exe" /silent" - HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc
Download Path = "%Application Data%\Solvusoft\solvusoftdd\DriverDoc\Download\" - HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc
Backup Path = "%Application Data%\Solvusoft\solvusoftdd\DriverDoc\Backup\"
Solução
Mecanismo de varredura mínima: 9.850
SSAPI Pattern File: 2.199.00
SSAPI Pattern Release Date: 01 agosto 2019
Step 1
Für Windows ME und XP Benutzer: Stellen Sie vor einer Suche sicher, dass die Systemwiederherstellung deaktiviert ist, damit der gesamte Computer durchsucht werden kann.
Step 2
Note that not all files, folders, and registry keys and entries are installed on your computer during this malware's/spyware's/grayware's execution. This may be due to incomplete installation or other operating system conditions. If you do not find the same files/folders/registry information, please proceed to the next step.
Step 3
PUA.Win32.InstallCore.USMANGAHAP über die eigene Option zum Deinstallieren entfernen
[ Saber mais ]
Den Grayware-Prozess deinstallierenStep 4
Diesen Registrierungswert löschen
[ Saber mais ]
Wichtig: Eine nicht ordnungsgemäße Bearbeitung der Windows Registrierung kann zu einer dauerhaften Fehlfunktion des Systems führen. Führen Sie diesen Schritt nur durch, wenn Sie mit der Vorgehensweise vertraut sind oder wenn Sie Ihren Systemadministrator um Unterstützung bitten können. Lesen Sie ansonsten zuerst diesen Microsoft Artikel, bevor Sie die Registrierung Ihres Computers ändern.
- In HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
- utm_source = solvusoft
- utm_source = solvusoft
- In HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
- utm_campaign = default
- utm_campaign = default
- In HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
- utm_medium = newbuild
- utm_medium = newbuild
- In HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
- BuyNowURL = http://www.solvusoft.com/{LANG}/driverdoc/purchase/?ver=ddsystwk152&utm_source=solvusoft&utm_campaign=default&utm_medium=newbuild
- BuyNowURL = http://www.solvusoft.com/{LANG}/driverdoc/purchase/?ver=ddsystwk152&utm_source=solvusoft&utm_campaign=default&utm_medium=newbuild
- In HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
- RenewNowURL = http://www.solvusoft.com/{LANG}/driverdoc/renew/?ver=ddsystwk152&utm_source=solvusoft&utm_campaign=default&utm_medium=newbuild
- RenewNowURL = http://www.solvusoft.com/{LANG}/driverdoc/renew/?ver=ddsystwk152&utm_source=solvusoft&utm_campaign=default&utm_medium=newbuild
- In HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
- CompanyWebsiteURL
- CompanyWebsiteURL
- In HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
- HelpURLINT
- HelpURLINT
- In HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
- HelpURLDE
- HelpURLDE
- In HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
- SupportURL = https://support.solvusoft.com
- SupportURL = https://support.solvusoft.com
- In HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc
- StartAutoScanPMUI = 1
- StartAutoScanPMUI = 1
- In HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc
- StartAutoScanOnLaunch = 0
- StartAutoScanOnLaunch = 0
- In HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc
- StartAutoTutorial = 1
- StartAutoTutorial = 1
- In HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc
- TrialType = 0
- TrialType = 0
- In HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
- MaxFixLimit = 50
- MaxFixLimit = 50
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- Inno Setup: Setup Version = 5.5.1 (u)
- Inno Setup: Setup Version = 5.5.1 (u)
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- Inno Setup: App Path = %Program Files%\DriverDoc
- Inno Setup: App Path = %Program Files%\DriverDoc
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- InstallLocation = %Program Files%\DriverDoc\
- InstallLocation = %Program Files%\DriverDoc\
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- Inno Setup: Icon Group = DriverDoc
- Inno Setup: Icon Group = DriverDoc
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- Inno Setup: User = dyituser_732
- Inno Setup: User = dyituser_732
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- Inno Setup: Language = en
- Inno Setup: Language = en
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- DisplayName = DriverDoc
- DisplayName = DriverDoc
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- DisplayIcon = %Program Files%\DriverDoc\Solvusoftdd.exe
- DisplayIcon = %Program Files%\DriverDoc\Solvusoftdd.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- UninstallString = "%Program Files%\DriverDoc\unins000.exe"
- UninstallString = "%Program Files%\DriverDoc\unins000.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- QuietUninstallString = "%Program Files%\DriverDoc\unins000.exe" /SILENT
- QuietUninstallString = "%Program Files%\DriverDoc\unins000.exe" /SILENT
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- DisplayVersion = 1.52.1086.14425
- DisplayVersion = 1.52.1086.14425
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- Publisher = Solvusoft Corporation
- Publisher = Solvusoft Corporation
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- NoModify = 1
- NoModify = 1
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- NoRepair = 1
- NoRepair = 1
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- InstallDate = 20190805
- InstallDate = 20190805
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- MajorVersion = 1
- MajorVersion = 1
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- MinorVersion = 52
- MinorVersion = 52
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- EstimatedSize = 14333
- EstimatedSize = 14333
- In HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc
- InstalledPath = %Program Files%\DriverDoc
- InstalledPath = %Program Files%\DriverDoc
- In HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc
- InstalledPath = %Program Files%\DriverDoc
- InstalledPath = %Program Files%\DriverDoc
- In HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc\LANG
- LangCode = en
- LangCode = en
- In HKEY_LOCAL_MACHINE\SOFTWARE\Solvusoft\Solvusoftdd\DriverDoc\LANG
- LangID = 0
- LangID = 0
- In HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc\LANG
- LangID = 0
- LangID = 0
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc_is1
- UninstallString = "%Program Files%\DriverDoc\unins000.exe" /silent
- UninstallString = "%Program Files%\DriverDoc\unins000.exe" /silent
- In HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc
- Download Path = %Application Data%\Solvusoft\solvusoftdd\DriverDoc\Download\
- Download Path = %Application Data%\Solvusoft\solvusoftdd\DriverDoc\Download\
- In HKEY_CURRENT_USER\Software\Solvusoft\Solvusoftdd\DriverDoc
- Backup Path = %Application Data%\Solvusoft\solvusoftdd\DriverDoc\Backup\
- Backup Path = %Application Data%\Solvusoft\solvusoftdd\DriverDoc\Backup\
DATA_GENERIC_ENTRY
Step 5
Diese Datei suchen und löschen
[ Saber mais ]
Möglicherweise sind einige Komponentendateien verborgen. Aktivieren Sie unbedingt das Kontrollkästchen Versteckte Elemente durchsuchen unter Weitere erweiterte Optionen, um alle verborgenen Dateien und Ordner in den Suchergebnissen zu berücksichtigen. - %Program Files%\DriverDoc\unins000.exe
- %Program Files%\DriverDoc\Solvusoftdd.exe
- %Program Files%\DriverDoc\install_left_image.bmp
- %Program Files%\DriverDoc\isxdl.dll
- %Program Files%\DriverDoc\unrar.dll
- %Program Files%\DriverDoc\difxapi.dll
- %Program Files%\DriverDoc\difxapi64.dll
- %Program Files%\DriverDoc\updater\amd64Helper\DriverUpdateHelper64.exe
- %Program Files%\DriverDoc\updater\amd64Helper\DriverUpdateHelper64.manifest
- %Program Files%\DriverDoc\updater\amd64Helper\difxapi.dll
- %Program Files%\DriverDoc\updater\extract\7z.exe
- %Program Files%\DriverDoc\updater\extract\7z.dll
- %Program Files%\DriverDoc\updater\extract\History.txt
- %Program Files%\DriverDoc\updater\extract\copying.txt
- %Program Files%\DriverDoc\updater\extract\license.txt
- %Program Files%\DriverDoc\updater\extract\readme.txt
- %Program Files%\DriverDoc\Chinese_rcp.ini
- %Program Files%\DriverDoc\Danish_rcp.ini
- %Program Files%\DriverDoc\Dutch_rcp.ini
- %Program Files%\DriverDoc\eng_rcp.ini
- %Program Files%\DriverDoc\French_rcp.ini
- %Program Files%\DriverDoc\German_rcp.ini
- %Program Files%\DriverDoc\Italian_rcp.ini
- %Program Files%\DriverDoc\Japanese_rcp.ini
- %Program Files%\DriverDoc\Norwegian_rcp.ini
- %Program Files%\DriverDoc\Portuguese_rcp.ini
- %Program Files%\DriverDoc\Spanish_rcp.ini
- %Program Files%\DriverDoc\Swedish_rcp.ini
- %Program Files%\DriverDoc\Finnish_rcp_fi.ini
- %Program Files%\DriverDoc\russian_rcp_ru.ini
- %Program Files%\DriverDoc\unins000.msg
- %Program Files%\DriverDoc\unins000.dat
- %Common Programs% \DriverDoc\DriverDoc.lnk
- %Common Programs% \DriverDoc\Register DriverDoc.lnk
- %Common Programs% \DriverDoc\Uninstall DriverDoc.lnk
- %Desktop%\DriverDoc.lnk
Step 6
Durchsuchen Sie Ihren Computer mit Ihrem Trend Micro Produkt, und löschen Sie Dateien, die als PUA.Win32.InstallCore.USMANGAHAP entdeckt werden. Falls die entdeckten Dateien bereits von Ihrem Trend Micro Produkt gesäubert, gelöscht oder in Quarantäne verschoben wurden, sind keine weiteren Schritte erforderlich. Dateien in Quarantäne können einfach gelöscht werden. Auf dieser Knowledge-Base-Seite finden Sie weitere Informationen.
Participe da nossa pesquisa!