General Info

File name

ntdll.dll_repair-setup.exe

Full analysis
https://app.any.run/tasks/f1dbced1-be07-48fc-99a8-1a1c3938128e
Verdict
Malicious activity
Analysis date
10/9/2019, 15:19:53
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

MIME:
application/x-dosexec
File info:
PE32 executable (GUI) Intel 80386, for MS Windows
MD5

503f33df63ddf4879f5f38cc081d9962

SHA1

ad809c34ad1516c62d48af2f4376cbd7561e9cd3

SHA256

47e466f1aede2d5c5dd66d935aa41a2b6d1f5f33eb3a45c8c54099923eee9b9b

SSDEEP

393216:JAr9+Ysc1MsqByxIyLoxu1eCZEXxrxihjALj+Uvx5Nnj+9NsVsYSJIVd:JAr9+YsctIbuXZvETjRsYdd

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
60 seconds
Additional time used
none
Fakenet option
off
Heavy Evasion option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (75.0.3770.100)
  • Google Update Helper (1.3.34.7)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.7.2 (4.7.03062)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (14.21.27702.2)
  • Microsoft Visual C++ 2019 X86 Additional Runtime - 14.21.27702 (14.21.27702)
  • Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.21.27702 (14.21.27702)
  • Mozilla Firefox 68.0.1 (x86 en-US) (68.0.1)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • Update for Microsoft .NET Framework 4.7.2 (KB4087364) (1)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB4019990
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

Application was dropped or rewritten from another process
  • PCRepair.exe (PID: 3832)
  • PCRepair.exe (PID: 2452)
  • PCRepair.exe (PID: 1368)
  • PCRepair.exe (PID: 3864)
  • Installer.exe (PID: 2656)
Loads dropped or rewritten executable
  • PCRepair.exe (PID: 1368)
  • regsvr32.exe (PID: 3836)
  • PCRepair.exe (PID: 3864)
  • Installer.exe (PID: 2656)
  • ntdll.dll_repair-setup.exe (PID: 2860)
Loads the Task Scheduler COM API
  • PCRepair.exe (PID: 1368)
  • PCRepair.exe (PID: 3864)
Registers / Runs the DLL via REGSVR32.EXE
  • Installer.exe (PID: 2656)
Changes settings of System certificates
  • Installer.exe (PID: 2656)
Creates files in the program directory
  • PCRepair.exe (PID: 3864)
  • PCRepair.exe (PID: 1368)
  • Installer.exe (PID: 2656)
Low-level read access rights to disk partition
  • PCRepair.exe (PID: 3864)
  • PCRepair.exe (PID: 1368)
Reads the machine GUID from the registry
  • PCRepair.exe (PID: 1368)
  • PCRepair.exe (PID: 3864)
  • Installer.exe (PID: 2656)
Reads Windows Product ID
  • PCRepair.exe (PID: 1368)
  • PCRepair.exe (PID: 3864)
  • Installer.exe (PID: 2656)
Reads the cookies of Mozilla Firefox
  • Installer.exe (PID: 2656)
Executable content was dropped or overwritten
  • Installer.exe (PID: 2656)
  • ntdll.dll_repair-setup.exe (PID: 2860)
Creates files in the user directory
  • Installer.exe (PID: 2656)
Reads the BIOS version
  • Installer.exe (PID: 2656)
Creates COM task schedule object
  • regsvr32.exe (PID: 3836)
Reads Internet Cache Settings
  • Installer.exe (PID: 2656)
Reads the cookies of Google Chrome
  • Installer.exe (PID: 2656)
Creates a software uninstall entry
  • Installer.exe (PID: 2656)
Reads Windows owner or organization settings
  • Installer.exe (PID: 2656)
Reads the Windows organization settings
  • Installer.exe (PID: 2656)
Adds / modifies Windows certificates
  • Installer.exe (PID: 2656)
Searches for installed software
  • PCRepair.exe (PID: 1368)
Reads Microsoft Office registry keys
  • PCRepair.exe (PID: 1368)
Manual execution by user
  • PCRepair.exe (PID: 3832)
  • PCRepair.exe (PID: 2452)


Static information

TRiD
.exe | Win32 EXE PECompact compressed (generic) (79.7%)
.exe | Win32 Executable (generic) (8.6%)
.exe | Win16/32 Executable Delphi generic (3.9%)
.exe | Generic Win/DOS Executable (3.8%)
.exe | DOS Executable Generic (3.8%)
EXIF
EXE
MachineType:
Intel 386 or later, and compatibles
TimeStamp:
2019:04:01 13:31:19+02:00
PEType:
PE32
LinkerVersion:
2.25
CodeSize:
143360
InitializedDataSize:
330752
UninitializedDataSize:
null
EntryPoint:
0x24530
OSVersion:
5
ImageVersion:
6
SubsystemVersion:
5
Subsystem:
Windows GUI
FileVersionNumber:
1.0.2.4
ProductVersionNumber:
1.0.2.4
FileFlagsMask:
0x003f
FileFlags:
(none)
FileOS:
Win32
ObjectFileType:
Executable application
FileSubtype:
null
LanguageCode:
Neutral
CharacterSet:
Unicode
Comments:
PC Repair
CompanyName:
Outbyte
FileDescription:
Outbyte PC Repair Installation File
FileVersion:
1.0.2.4
LegalCopyright:
Copyright © 2016-2019 Outbyte Computing Pty Ltd
OriginalFileName:
Outbyte-pc-repair-setup.exe
ProductName:
PC Repair
ProductVersion:
1.x
Summary
Architecture:
IMAGE_FILE_MACHINE_I386
Subsystem:
IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date:
01-Apr-2019 11:31:19
Detected languages
English - United States
Russian - Russia
DOS Header
Magic number:
MZ
Bytes on last page of file:
0x0050
Pages in file:
0x0002
Relocations:
0x0000
Size of header:
0x0004
Min extra paragraphs:
0x000F
Max extra paragraphs:
0xFFFF
Initial SS value:
0x0000
Initial SP value:
0x00B8
Checksum:
0x0000
Initial IP value:
0x0000
Initial CS value:
0x0000
Overlay number:
0x001A
OEM identifier:
0x0000
OEM information:
0x0000
Address of NE header:
0x00000100
PE Headers
Signature:
PE
Machine:
IMAGE_FILE_MACHINE_I386
Number of sections:
11
Time date stamp:
01-Apr-2019 11:31:19
Pointer to Symbol Table:
0x00000000
Number of symbols:
0
Size of Optional Header:
0x00E0
Characteristics
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
Sections
Name Virtual Address Virtual Size Raw Size Characteristics Entropy
.text 0x00001000 0x00022710 0x00022800 IMAGE_SCN_CNT_CODE,IMAGE_SCN_MEM_EXECUTE,IMAGE_SCN_MEM_READ 6.36273
.itext 0x00024000 0x00000630 0x00000800 IMAGE_SCN_CNT_CODE,IMAGE_SCN_MEM_EXECUTE,IMAGE_SCN_MEM_READ 5.12848
.data 0x00025000 0x000017B4 0x00001800 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ,IMAGE_SCN_MEM_WRITE 3.63104
.bss 0x00027000 0x00005D24 0x00000000 IMAGE_SCN_MEM_READ,IMAGE_SCN_MEM_WRITE 0
.idata 0x0002D000 0x00000FF0 0x00001000 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ,IMAGE_SCN_MEM_WRITE 5.02571
.didata 0x0002E000 0x000001F4 0x00000200 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ,IMAGE_SCN_MEM_WRITE 3.47014
.edata 0x0002F000 0x00000074 0x00000200 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ 1.34766
.tls 0x00030000 0x00000014 0x00000000 IMAGE_SCN_MEM_READ,IMAGE_SCN_MEM_WRITE 0
.rdata 0x00031000 0x0000005C 0x00000200 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ 1.33262
.reloc 0x00032000 0x00003164 0x00003200 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_DISCARDABLE,IMAGE_SCN_MEM_READ 6.52454
.rsrc 0x00036000 0x0004AB8C 0x0004AC00 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ 4.04095
Resources
1

2

3

4

5

6

7

8

4089

4090

4091

4092

4093

4094

4095

4096

DVCLAL

PACKAGEINFO

RES_DATA

MAINICON

Imports
    oleaut32.dll

    advapi32.dll

    user32.dll

    kernel32.dll

    version.dll

    netapi32.dll

    kernel32.dll (delay-loaded)

Exports
    dbkFCallWrapperAddr

    __dbk_fcall_wrapper


Processes

Total processes
48
Monitored processes
8
Malicious processes
4
Suspicious processes
0

Behavior graph

[Behavior graph: ntdll.dll_repair-setup.exe, installer.exe, regsvr32.exe and pcrepair.exe processes, linked by "drop and start" and "start" edges]

Process information


PID
3680
CMD
"C:\Users\admin\AppData\Local\Temp\ntdll.dll_repair-setup.exe"
Path
C:\Users\admin\AppData\Local\Temp\ntdll.dll_repair-setup.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
3221226540
Version:
Company
Outbyte
Description
Outbyte PC Repair Installation File
Version
1.0.2.4
Modules
Image
c:\users\admin\appdata\local\temp\ntdll.dll_repair-setup.exe
c:\systemroot\system32\ntdll.dll

PID
2860
CMD
"C:\Users\admin\AppData\Local\Temp\ntdll.dll_repair-setup.exe"
Path
C:\Users\admin\AppData\Local\Temp\ntdll.dll_repair-setup.exe
Indicators
Parent process
––
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Outbyte
Description
Outbyte PC Repair Installation File
Version
1.0.2.4

PID
2656
CMD
"C:\Users\admin\AppData\Local\Temp\is-838689.tmp\Installer.exe" /spid:2860 /splha:19605824
Path
C:\Users\admin\AppData\Local\Temp\is-838689.tmp\Installer.exe
Indicators
Parent process
ntdll.dll_repair-setup.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Outbyte
Description
Installer
Version
1.0.2.4

PID
3836
CMD
"C:\Windows\system32\regsvr32.exe" /s "C:\Program Files\Outbyte\PC Repair\BrowserCareHelper.Agent.x32.dll"
Path
C:\Windows\system32\regsvr32.exe
Indicators
No indicators
Parent process
Installer.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft(C) Register Server
Version
6.1.7600.16385 (win7_rtm.090713-1255)

PID
3864
CMD
"C:\Program Files\Outbyte\PC Repair\PCRepair.exe" /Install /SendInfo /AutoStart
Path
C:\Program Files\Outbyte\PC Repair\PCRepair.exe
Indicators
No indicators
Parent process
Installer.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Outbyte
Description
PC Repair
Version
1.0.2.4

PID
1368
CMD
"C:\Program Files\Outbyte\PC Repair\PCRepair.exe" /FromInstaller
Path
C:\Program Files\Outbyte\PC Repair\PCRepair.exe
Indicators
Parent process
Installer.exe
User
admin
Integrity Level
HIGH
Version:
Company
Outbyte
Description
PC Repair
Version
1.0.2.4

PID
2452
CMD
"C:\Program Files\Outbyte\PC Repair\PCRepair.exe"
Path
C:\Program Files\Outbyte\PC Repair\PCRepair.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
3221226540
Version:
Company
Outbyte
Description
PC Repair
Version
1.0.2.4
Modules
Image
c:\program files\outbyte\pc repair\pcrepair.exe
c:\systemroot\system32\ntdll.dll

PID
3832
CMD
"C:\Program Files\Outbyte\PC Repair\PCRepair.exe"
Path
C:\Program Files\Outbyte\PC Repair\PCRepair.exe
Indicators
Parent process
––
User
admin
Integrity Level
HIGH
Version:
Company
Outbyte
Description
PC Repair
Version
1.0.2.4
Modules
Image
c:\program files\outbyte\pc repair\pcrepair.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\outbyte\pc repair\axcomponentsvcl.bpl
c:\program files\outbyte\pc repair\axcomponentsrtl.bpl
c:\windows\system32\wininet.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\iertutil.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\version.dll
c:\program files\outbyte\pc repair\rtl250.bpl
c:\windows\system32\mpr.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\opengl32.dll
c:\windows\system32\glu32.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\shfolder.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\program files\outbyte\pc repair\vclimg250.bpl
c:\windows\system32\winmm.dll
c:\program files\outbyte\pc repair\vcl250.bpl
c:\windows\system32\winspool.drv
c:\windows\system32\comdlg32.dll
c:\windows\system32\oledlg.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\faultrep.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\uxtheme.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll

Registry activity

Total events
1128
Read events
977
Write events
151
Delete events
0

Modification events

PID
Process
Operation
Key
Name
Value
2656
Installer.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\72\52C64B7E
LanguageList
en-US
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\801D62D07B449D5C5C035C98EA61FA443C2A58FE
Blob
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\801D62D07B449D5C5C035C98EA61FA443C2A58FE
Blob
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\801D62D07B449D5C5C035C98EA61FA443C2A58FE
Blob
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Outbyte\PC Repair\1.x\Settings
General.Language
ENU
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58F3C249-05A6-C01F-AA83-68EECC510E93}\Version
Assembly
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Outbyte\PC Repair\1.x\Settings
GoogleAnalytics.CustomCategory
1.0.2.4-null-enu-null-lite
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Installer_RASAPI32
EnableFileTracing
0
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Installer_RASAPI32
EnableConsoleTracing
0
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Installer_RASAPI32
FileTracingMask
4294901760
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Installer_RASAPI32
ConsoleTracingMask
4294901760
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Installer_RASAPI32
MaxFileSize
1048576
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Installer_RASAPI32
FileDirectory
%windir%\tracing
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Installer_RASMANCS
EnableFileTracing
0
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Installer_RASMANCS
EnableConsoleTracing
0
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Installer_RASMANCS
FileTracingMask
4294901760
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Installer_RASMANCS
ConsoleTracingMask
4294901760
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Installer_RASMANCS
MaxFileSize
1048576
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Installer_RASMANCS
FileDirectory
%windir%\tracing
2656
Installer.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
2656
Installer.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Outbyte\PC Repair\1.x\Settings
General.LastRun.Installer.exe
BFA9D322735CE540
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Outbyte\PC Repair\1.x\Settings
General.CountRun.Installer.exe
0100000000000000
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Outbyte\PC Repair\1.x\Settings
Installer.Analytics
8
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Outbyte\PC Repair\1.x\Settings
Installer.Analytics
24
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
Setup: Setup Version
1.0.0
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
Setup: Setup Version Bin
16777216
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
Setup: App Path
C:\Program Files\Outbyte\PC Repair
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
InstallLocation
C:\Program Files\Outbyte\PC Repair\
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
Setup: Icon Group
Outbyte\PC Repair
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
Setup: Icon Group Value
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outbyte\PC Repair
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
Setup: User
admin
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
DisplayName
Outbyte PC Repair
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
DisplayIcon
C:\Program Files\Outbyte\PC Repair\PCRepair.exe
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
UninstallString
"C:\Program Files\Outbyte\PC Repair\unins000.exe"
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
QuietUninstallString
"C:\Program Files\Outbyte\PC Repair\unins000.exe" /Silent
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
DisplayVersion
1.0.2.4
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
Publisher
Outbyte Computing Pty Ltd
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
URLInfoAbout
https://outbyte.com/support/contact/
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
HelpLink
https://outbyte.com/support/
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
URLUpdateInfo
https://outbyte.com/pc-repair/update/?version=1.0.2.4
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
Readme
https://outbyte.com/support/manuals/
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
Contact
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
NoModify
1
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
NoRepair
1
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
InstallDate
20191009
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
MajorVersion
1
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
MinorVersion
0
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
VersionMajor
1
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
VersionMinor
0
2656
Installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1
EstimatedSize
64788
2860
ntdll.dll_repair-setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Outbyte\PC Repair\1.x\Settings
General.CustomClientId
{56B3C155-509A-40BB-A9F2-58E16646A500}
2860
ntdll.dll_repair-setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Outbyte\PC Repair\1.x\Settings
General.URLClientId
{56B3C155-509A-40BB-A9F2-58E16646A500}
2860
ntdll.dll_repair-setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ntdll_RASAPI32
EnableFileTracing
0
2860
ntdll.dll_repair-setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ntdll_RASAPI32
EnableConsoleTracing
0
2860
ntdll.dll_repair-setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ntdll_RASAPI32
FileTracingMask
4294901760
2860
ntdll.dll_repair-setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ntdll_RASAPI32
ConsoleTracingMask
4294901760
2860
ntdll.dll_repair-setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ntdll_RASAPI32
MaxFileSize
1048576
2860
ntdll.dll_repair-setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ntdll_RASAPI32
FileDirectory
%windir%\tracing
2860
ntdll.dll_repair-setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ntdll_RASMANCS
EnableFileTracing
0
2860
ntdll.dll_repair-setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ntdll_RASMANCS
EnableConsoleTracing
0
2860
ntdll.dll_repair-setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ntdll_RASMANCS
FileTracingMask
4294901760
2860
ntdll.dll_repair-setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ntdll_RASMANCS
ConsoleTracingMask
4294901760
2860
ntdll.dll_repair-setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ntdll_RASMANCS
MaxFileSize
1048576
2860
ntdll.dll_repair-setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ntdll_RASMANCS
FileDirectory
%windir%\tracing
2860
ntdll.dll_repair-setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
2860
ntdll.dll_repair-setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-FDF6143A53E1}\1.0
BCAgentCOM32
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-FDF6143A53E1}\1.0\FLAGS
0
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-FDF6143A53E1}\1.0\0\win32
C:\Program Files\Outbyte\PC Repair\BrowserCareHelper.Agent.x32.dll
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-FDF6143A53E1}\1.0\HELPDIR
C:\Program Files\Outbyte\PC Repair\
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3A3310BE-83DD-4E80-AC51-242D3A7D7F73}
IBCAgent32
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3A3310BE-83DD-4E80-AC51-242D3A7D7F73}\ProxyStubClsid
{00020424-0000-0000-C000-000000000046}
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3A3310BE-83DD-4E80-AC51-242D3A7D7F73}\ProxyStubClsid32
{00020424-0000-0000-C000-000000000046}
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3A3310BE-83DD-4E80-AC51-242D3A7D7F73}\TypeLib
{F2C6F7D1-ED32-49E5-9919-FDF6143A53E1}
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3A3310BE-83DD-4E80-AC51-242D3A7D7F73}\TypeLib
Version
1.0
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93469602-4134-4012-A6BC-F5ED88675F39}
AppID
{93469602-4134-4012-A6BC-F5ED88675F39}
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{93469602-4134-4012-A6BC-F5ED88675F39}
DllSurrogate
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93469602-4134-4012-A6BC-F5ED88675F39}
Outbyte BCAgent32
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93469602-4134-4012-A6BC-F5ED88675F39}\InprocServer32
C:\PROGRA~1\Outbyte\PCREPA~1\BROWSE~3.DLL
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93469602-4134-4012-A6BC-F5ED88675F39}\InprocServer32
ThreadingModel
Free
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BCAgentCOM32.BCAgent32
Outbyte BCAgent32
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BCAgentCOM32.BCAgent32\Clsid
{93469602-4134-4012-A6BC-F5ED88675F39}
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93469602-4134-4012-A6BC-F5ED88675F39}\ProgID
BCAgentCOM32.BCAgent32
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93469602-4134-4012-A6BC-F5ED88675F39}\Version
1.0
3836
regsvr32.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93469602-4134-4012-A6BC-F5ED88675F39}\TypeLib
{F2C6F7D1-ED32-49E5-9919-FDF6143A53E1}
3864
PCRepair.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\72\52C64B7E
LanguageList
en-US
3864
PCRepair.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
3864
PCRepair.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
3864
PCRepair.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Direct3D\MostRecentApplication
Name
PCRepair.exe
3864
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\Setup\SetupapiLogStatus
setupapi.app.log
4096
3864
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Outbyte\PC Repair\1.x\Settings
General.InstallDateTime
40062C26735CE540
3864
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Outbyte\PC Repair\1.x\Settings
Application.ModulePath
C:\Program Files\Outbyte\PC Repair\
3864
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Outbyte\PC Repair\1.x\Settings
Application.AutoStart
1
1368
PCRepair.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\72\52C64B7E
LanguageList
en-US
1368
PCRepair.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
1368
PCRepair.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
1368
PCRepair.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Direct3D\MostRecentApplication
Name
PCRepair.exe
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Outbyte\PC Repair\1.x\Settings
FirstInitDate
5D3B3E27735CE540
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Outbyte\PC Repair\1.x\Settings
Popups.LibraryInitDate
5D3B3E27735CE540
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Outbyte\PC Repair\1.x\Settings
General.LastRun.PCRepair.exe
2AA2AF27735CE540
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Outbyte\PC Repair\1.x\Settings
General.CountRun.PCRepair.exe
0100000000000000
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\PCRepair_RASAPI32
EnableFileTracing
0
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\PCRepair_RASAPI32
EnableConsoleTracing
0
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\PCRepair_RASAPI32
FileTracingMask
4294901760
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\PCRepair_RASAPI32
ConsoleTracingMask
4294901760
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\PCRepair_RASAPI32
MaxFileSize
1048576
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\PCRepair_RASAPI32
FileDirectory
%windir%\tracing
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\PCRepair_RASMANCS
EnableFileTracing
0
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\PCRepair_RASMANCS
EnableConsoleTracing
0
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\PCRepair_RASMANCS
FileTracingMask
4294901760
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\PCRepair_RASMANCS
ConsoleTracingMask
4294901760
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\PCRepair_RASMANCS
MaxFileSize
1048576
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\PCRepair_RASMANCS
FileDirectory
%windir%\tracing
1368
PCRepair.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
1368
PCRepair.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Outbyte\PC Repair\1.x\Settings
General.Country
GB
1368
PCRepair.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Outbyte\PC Repair\1.x\Settings
General.CountryID
242

Files activity

Executable files
14
Suspicious files
12
Text files
2
Unknown types
5

Dropped files

PID
Process
Filename
Type
2860
ntdll.dll_repair-setup.exe
C:\Users\admin\AppData\Local\Temp\is-838689.tmp\SetupHelper.dll
executable
MD5: 063afac37a104d6afe50f3452a115013
SHA256: f2a87aae95b9465048a6352f95bcc0f03b7f6d70eb37d7c225e7b67f6611b0de
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\vcl250.bpl
executable
MD5: 6644f42cbf1e07a26f6a8caf7eed0586
SHA256: 5c2e31fdacbbd4d2e9edff23d771f3a2800cc53c959ba4ee41b86af6cf358f45
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\Localizer.dll
executable
MD5: 1ad6d06f9c9d222ea52672f9f308f575
SHA256: 35b01d5215bd47782abb2d601a9c14f713d070d43b0ea83849ca8ca5ce9846a2
2860
ntdll.dll_repair-setup.exe
C:\Users\admin\AppData\Local\Temp\is-838689.tmp\GoogleAnalyticsHelper.dll
executable
MD5: 6c853a7e65c7322887d264843441aad0
SHA256: 19deb83988e5017b552664ee54b19a0f2e33f328f28a9523cc4cde4530b37441
2860
ntdll.dll_repair-setup.exe
C:\Users\admin\AppData\Local\Temp\is-838689.tmp\CommonForms.Site.dll
executable
MD5: 3093e0498b3a0e3e37b8095bd615d4f0
SHA256: c6e7d73eec61c77a22afd3c73497f30ecf5b821cd5b9e727e7f5822d319aae79
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\vclimg250.bpl
executable
MD5: 71e5cd192654bbbf626aebefa1f6d732
SHA256: da89d84c212617e3036dd7ec03de2e525af0d1b739f2c90b3de4e3666755576c
2860
ntdll.dll_repair-setup.exe
C:\Users\admin\AppData\Local\Temp\is-838689.tmp\vclimg250.bpl
executable
MD5: 71e5cd192654bbbf626aebefa1f6d732
SHA256: da89d84c212617e3036dd7ec03de2e525af0d1b739f2c90b3de4e3666755576c
2860
ntdll.dll_repair-setup.exe
C:\Users\admin\AppData\Local\Temp\is-838689.tmp\vcl250.bpl
executable
MD5: 6644f42cbf1e07a26f6a8caf7eed0586
SHA256: 5c2e31fdacbbd4d2e9edff23d771f3a2800cc53c959ba4ee41b86af6cf358f45
2656
Installer.exe
C:\Users\admin\AppData\Local\Temp\is-838689.tmp\__setup\islzma.dll
executable
MD5: 10d16e657af3bc025b925f9b83ed8fb6
SHA256: ac12a3faa457ae0bb5c94b75b03717c610b221317e9718f04bbad54e0acd382a
2860
ntdll.dll_repair-setup.exe
C:\Users\admin\AppData\Local\Temp\is-838689.tmp\Installer.exe
executable
MD5: 75ecbf62ad6d48a16a696f1574832d41
SHA256: dfb6efac5b08745486af36d18f2fd987e8130382edc56906b69f8650620e5a13
2860
ntdll.dll_repair-setup.exe
C:\Users\admin\AppData\Local\Temp\is-838689.tmp\Localizer.dll
executable
MD5: 1ad6d06f9c9d222ea52672f9f308f575
SHA256: 35b01d5215bd47782abb2d601a9c14f713d070d43b0ea83849ca8ca5ce9846a2
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\AxComponentsRTL.bpl
executable
MD5: 5ecbea8d9328a779a38b6b06a75f1823
SHA256: dfea31ec9d127092419a4ea5d0892e5a7f9c5a427b23f8dc49798c48f9418009
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\CommonForms.Site.dll
executable
MD5: 3093e0498b3a0e3e37b8095bd615d4f0
SHA256: c6e7d73eec61c77a22afd3c73497f30ecf5b821cd5b9e727e7f5822d319aae79
2860
ntdll.dll_repair-setup.exe
C:\Users\admin\AppData\Local\Temp\is-838689.tmp\AxComponentsRTL.bpl
executable
MD5: 5ecbea8d9328a779a38b6b06a75f1823
SHA256: dfea31ec9d127092419a4ea5d0892e5a7f9c5a427b23f8dc49798c48f9418009
2656
Installer.exe
C:\Users\admin\Desktop\PC Repair.lnk
––
MD5: 461905c02e64c7b3469bad974861852d
SHA256: b6e82e3d9f633c03c4630955eaa6fede4969827791e199bd5145001705a727a8
2656
Installer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outbyte\PC Repair\Outbyte PC Repair Uninstall.lnk
lnk
MD5: 28e8179d507cb22d7e671804e721a190
SHA256: 13f07e1801e5bd2f89e148fbaccaec5e7045cbb2aca955ad366beb06edd953f9
2656
Installer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outbyte\PC Repair\Outbyte PC Repair.lnk
lnk
MD5: 809e2c0b997b0c753c989691fd89f29d
SHA256: 26d583582d510575282b65d0b2501937c644db1a3961ee7b0424dd4f3466b829
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\unins000.exe
––
MD5: 0099090cc87467fa8fcaa10de35fc0e2
SHA256: e5452fb86a73d02596181092cfbce1e49c2e717ebf150045cea54d4de8eb5786
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\is-VUAK1.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\WinPrivacyDB.dat
––
MD5: b5e60e6743d6ff62af76914f2c8c37d9
SHA256: dda3071ce3c29e1927ec44cbfe0f06d1c19419757dadb622fc18baa35202ec32
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\is-KJGD7.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\WinPrivacy.dll
––
MD5: 5c49231c9a76351e5c9bf2bedc366a20
SHA256: 1055d6bb275619f31a07173acc72a9352451d936d50557b953cc7d577368e7b8
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\is-UICCG.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\MalwareHeuristicHelper.dll
––
MD5: 4f22daeb00fb7623f555f36f6bcc57a0
SHA256: 7dac4ead7669952eb6c02b60038cd56cb6ca678e1a57516c23bd1d5dc6ec418f
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\is-IV2HK.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\MalwareDetectionHelper.dll
––
MD5: 87109a0a20b6c5e2c06e5981e645038f
SHA256: 7659a8b5a9a464eef4570f5d2d76c5af32c2f13437bcb5a2e2221b29771f27ca
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\is-LPDQ3.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\Data\security_db.dat
––
MD5: 8ae4f0284b73e1242383dd50cf37aa87
SHA256: aa0c67a6d50f4785517405c810515e0c1f41d914c4fda2409e498e7482b2e4a0
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\Data\is-6IV67.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\Data\hwscheme.mdict
––
MD5: 3b4db4a0f14f72bfa8879f839148dda4
SHA256: f5804d2be471d3ca82fcb3feaf237fe6f4b9567a02d4c2f17218cddd6f402130
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\Data\is-HQSDA.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\Data\hsysfiles.mdict
––
MD5: f87648e8b552fe973c04010383bb2b9e
SHA256: 4482735b1b56a15d7a4dc53b9b82ba40f98e8249d189d5764a78848ff2d3b29b
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\Data\hmthinfo.mdict
––
MD5: 4cf80f8ec8110be2c1b7ab7171bebb46
SHA256: 847638768ee5e5e5b9e31f70f92016441f0f524a882fbfba1314d686f489169d
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\Data\is-ML37V.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\Data\is-OKVBV.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\Data\hbwlists.mdict
––
MD5: 0a2578397c230ed49a0d7db0adfaafe3
SHA256: 135e23f071fb4f0c5cd0a66f7e26093bce81fa48f31e0cfd774acd57dcb249f1
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\Data\is-KQ8O0.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\Data\compromised_passwords.txt
––
MD5: 4706d8a0a5d0c97486ecfe83cd2ca4ba
SHA256: 0e16aa076aed47af3156eba064491b7cb35947f40aaea3a1df9b88099092bca6
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\Data\database.dat
––
MD5: d07bc3039256c3218712b45cfdc84eeb
SHA256: eef6714d9bb755ab9b5f9f7f4b1f24d28a801401853c149c2b914ae1550f09ac
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\Data\is-OP232.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\Data\is-09S5N.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\BrowserCareHelper.Agent.x32.dll
––
MD5: 7378448e4e8bde7aaf8fd289b648d633
SHA256: 42b9b399db582148f815a9e70c7c7e5b2fe211df7144b6654ae50aaf2f7952b3
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\Data\Database.dsdh
––
MD5: f5c6e0ef96e8d8d928e732fae31ebb55
SHA256: e6bd02c9de0a44f742ffb16241fa969384727513026f6942456e83d401b72e78
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\Data\is-IV58T.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\is-0M68P.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\BrowserCareHelper.dll
––
MD5: 08378a5e505c1d4cb4dafb501d10d9c2
SHA256: 2152f193424752f7949503ce162739facd447541ca36f49d5fbbf975a9e88399
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\is-G0QF1.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\BrowserHelper.dll
––
MD5: 047c8b8231d8e164b721caf3c4e7c358
SHA256: eda36bb789f0222b5d9d34a49b071509b90f980fc4a68e986f02df8162412d5d
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\is-4IUB4.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\PerformanceMonitorHelper.dll
––
MD5: 920939771fbf6e376782db1a3269e5bb
SHA256: 02fdbd98074e5d3131ad6bfee7998599742458bbf5dfbbea5ef54b2715ac438b
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\is-4GE46.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\DataStorageHelper.dll
––
MD5: 9e350fa946fbe4bcc18f4609c054b92e
SHA256: 961784781ebef4983a120179c06e91b2b0687904128bf83034f67f1fb8f6f115
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\is-0KP2R.tmp
––
MD5:  ––
SHA256:  ––
2656
Installer.exe
C:\Program Files\Outbyte\PC Repair\ATPopupsHelper.dll
––
MD5: 09f42b245ad04aa050cb585cf9e349cb
SHA256: 5439ff5412fde81a3760d86d4c0ddbda7d5c25b3edf79d3ad2ec8f954f1129f2
2656
Installer.exe

Network activity

HTTP(S) requests: 12
TCP/UDP connections: 4
DNS requests: 2
Threats: 0

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
2656 Installer.exe POST 200 172.217.22.110:80 http://www.google-analytics.com/collect US –– whitelisted
2656 Installer.exe POST 200 172.217.22.110:80 http://www.google-analytics.com/collect US –– whitelisted
2656 Installer.exe POST 200 172.217.22.110:80 http://www.google-analytics.com/collect US –– whitelisted
2656 Installer.exe POST 200 172.217.22.110:80 http://www.google-analytics.com/collect US –– whitelisted
2656 Installer.exe POST 200 172.217.22.110:80 http://www.google-analytics.com/collect US –– whitelisted
2656 Installer.exe POST 200 172.217.22.110:80 http://www.google-analytics.com/collect US –– whitelisted
2656 Installer.exe POST 200 172.217.22.110:80 http://www.google-analytics.com/collect US –– whitelisted
2656 Installer.exe POST 200 172.217.22.110:80 http://www.google-analytics.com/collect US –– whitelisted
2656 Installer.exe POST 200 172.217.22.110:80 http://www.google-analytics.com/collect US –– whitelisted
2656 Installer.exe POST 200 172.217.22.110:80 http://www.google-analytics.com/collect US –– whitelisted
2656 Installer.exe POST 200 172.217.22.110:80 http://www.google-analytics.com/collect US –– whitelisted
2656 Installer.exe POST 200 172.217.22.110:80 http://www.google-analytics.com/collect US –– whitelisted


Connections

PID Process IP ASN CN Reputation
2656 Installer.exe 45.79.210.152:443 Linode, LLC US unknown
2656 Installer.exe 172.217.22.110:80 Google Inc. US whitelisted
1368 PCRepair.exe 45.79.210.152:443 Linode, LLC US unknown

DNS requests

Domain IP Reputation
outbyte.com 45.79.210.152 unknown
www.google-analytics.com 172.217.22.110 whitelisted

Threats

No threats detected.

Debug output strings

No debug info.