Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\RSUSBSTOR] 'ImagePath' = 'System32\Drivers\RtsUStor.sys'
- %TEMP%\7zS43BA5063\DATA1.CAB
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_MACHINE_SAM
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_MACHINE_SYSTEM
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_MACHINE_SOFTWARE
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_MACHINE_SECURITY
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_.DEFAULT
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-21-2052111302-484763869-725345543-1003
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_NTUSER_S-1-5-21-2052111302-484763869-725345543-1003
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-20
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_NTUSER_S-1-5-20
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-19
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_NTUSER_S-1-5-19
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_NTUSER_S-1-5-18
- %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\Disp8dba.rra
- <DRIVERS>\RTSU8d2e.rra
- %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\SDRT8cc0.rra
- %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\RTSU886b.rra
- %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\RTSU881d.rra
- %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\RTSU8780.rra
- %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\RTSU87ee.rra
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\ComDb.Dat
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\domain.txt
- <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem3.CAT
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\OBJECTS.MAP
- %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.ini
- %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setubc1d.rra
- %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setubbcf.rra
- %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\ISSebb33.rra
- %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\_Setbad5.rra
- %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setuba29.rra
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\MAPPING2.MAP
- %TEMP%\705f.rra
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\MAPPING1.MAP
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\MAPPING.VER
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\INDEX.MAP
- %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\datab806.rra
- %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\datab7e7.rra
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\INDEX.BTR
- %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\layob7b8.rra
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\$WinMgmt.CFG
- %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\RTSU8752.rra
- %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\REVC8703.rra
- %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\_IsR7977.rra
- %TEMP%\7zS43BA5063\DRIVERBIN_32BIT\RTSUSTOR.SYS
- %TEMP%\7zS43BA5063\DRIVERBIN_32BIT\RTSUSTOR.DLL
- %TEMP%\7zS43BA5063\DRIVERBIN_32BIT\REVCON.EXE
- %TEMP%\7zS43BA5063\USETUP.ISS
- %TEMP%\7zS43BA5063\SETUP.ISS
- %TEMP%\7zS43BA5063\SETUP.INX
- %TEMP%\7zS43BA5063\SETUP.INI
- %TEMP%\7zS43BA5063\README.TXT
- %TEMP%\7zS43BA5063\LAYOUT.BIN
- %TEMP%\7zS43BA5063\DRIVERBIN_64BIT\RTSUSTOR.INF
- %TEMP%\7zS43BA5063\DRIVERBIN_64BIT\RTSUSTOR.CAT
- %TEMP%\7zS43BA5063\DRIVERBIN_32BIT\RTSUSTOR.INF
- %TEMP%\7zS43BA5063\DRIVERBIN_32BIT\RTSUSTOR.CAT
- %TEMP%\7zS43BA5063\DISPLAYICON.ICO
- %TEMP%\7zS43BA5063\DATA2.CAB
- %TEMP%\7zS43BA5063\DATA1.HDR
- %TEMP%\7zS43BA5063\DRIVERBIN_32BIT\SDRTCPRM.DLL
- %TEMP%\7zS43BA5063\DRIVERBIN_64BIT\REVCON.EXE
- %TEMP%\7zS43BA5063\DRIVERBIN_32BIT\RTSUSTORICON.DLL
- %TEMP%\7zS43BA5063\DRIVERBIN_64BIT\RTSUSTOR.DLL
- %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\defa78bb.rra
- %TEMP%\7zS43BA5063\DRIVERBIN_64BIT\RTSUSTOR.SYS
- %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\isrt783e.rra
- %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\Stri7783.rra
- %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\DIFx76e6.rra
- %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\Font7689.rra
- %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\dotn762b.rra
- %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\core75cd.rra
- %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\DelK757f.rra
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\OBJECTS.DATA
- %WINDIR%\inf\oem3.inf
- %TEMP%\{8E3C8E72-0711-41BC-A332-12E5647EF4E3}\setup.ini
- %TEMP%\{8E3C8E72-0711-41BC-A332-12E5647EF4E3}\_Setup.dll
- %TEMP%\7zS43BA5063\_SETUP.DLL
- %TEMP%\7zS43BA5063\SETUP.EXE
- %TEMP%\7zS43BA5063\SETEHCIKEY.EXE
- %TEMP%\7zS43BA5063\RMBCHANGE.EXE
- %TEMP%\7zS43BA5063\ISSETUP.DLL
- %TEMP%\7zS43BA5063\DRIVERBIN_64BIT\RTSUSTORICON.DLL
- %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setu74f2.rra
- %WINDIR%\inf\oem3.PNF
- <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem3.CAT
- from %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setu74f2.rra to %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.inx
- from %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\ISSebb33.rra to %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\ISSetup.dll
- from %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\_Setbad5.rra to %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\_Setup.dll
- from %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setuba29.rra to %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe
- from %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\datab806.rra to %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\data1.cab
- from %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\datab7e7.rra to %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\data1.hdr
- from %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\layob7b8.rra to %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\layout.bin
- from %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\Disp8dba.rra to %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\DisplayIcon.ico
- from <DRIVERS>\RTSU8d2e.rra to <DRIVERS>\RTSUSTOR.SYS
- from %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\SDRT8cc0.rra to %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\SDRTCPRM.DLL
- from %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\RTSU886b.rra to %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\RTSUSTORICON.DLL
- from %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\RTSU881d.rra to %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\RTSUSTOR.SYS
- from %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setubbcf.rra to %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.inx
- from %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\RTSU87ee.rra to %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\RTSUSTOR.INF
- from %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\RTSU8752.rra to %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\RTSUSTOR.CAT
- from %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\REVC8703.rra to %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\REVCON.EXE
- from %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\_IsR7977.rra to %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\_IsRes.dll
- from %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\defa78bb.rra to %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\default.pal
- from %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\isrt783e.rra to %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\isrt.dll
- from %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\Stri7783.rra to %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\StringTable-0009-English.ips
- from %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\DIFx76e6.rra to %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\DIFxData.ini
- from %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\Font7689.rra to %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\FontData.ini
- from %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\dotn762b.rra to %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\dotnetinstaller.exe
- from %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\core75cd.rra to %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\corecomp.ini
- from %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\DelK757f.rra to %TEMP%\{BB132778-DFE6-435C-AEF6-2736B811804C}\{96AE7E41-E34E-47D0-AC07-1091A8127911}\DelKey.dll
- from %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\RTSU8780.rra to %ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\RTSUSTOR.DLL
- from %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setubc1d.rra to %ProgramFiles%\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.ini
- '%TEMP%\7zS43BA5063\SETUP.EXE'
- '%ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\REVCON.EXE' RS_dp_add RTSUSTOR.inf
- '%ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\REVCON.EXE' RS_update RTSUSTOR.inf USB\VID_0BDA&PID_0103
- '%ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\REVCON.EXE' RS_update RTSUSTOR.inf USB\VID_0BDA&PID_0104
- '%ProgramFiles%\Realtek\Realtek USB 2.0 Card Reader\REVCON.EXE' RS_update RTSUSTOR.inf USB\VID_0BDA&PID_0105