| URL: | https://www.pdfforge.org/pdfcreator/download |
| Full analysis: | https://app.any.run/tasks/e70f9c1e-131c-4af9-8b37-b9095b9ee883 |
| Verdict: | Malicious activity |
| Threats: | Adware is a form of malware that targets users with unwanted advertisements, often disrupting their browsing experience. It typically infiltrates systems through software bundling, malicious websites, or deceptive downloads. Once installed, it may track user activity, collect sensitive data, and display intrusive ads, including pop-ups or banners. Some advanced adware variants can bypass security measures and establish persistence on devices, making removal challenging. Additionally, adware can create vulnerabilities that other malware can exploit, posing a significant risk to user privacy and system security. |
| Analysis date: | April 29, 2019, 14:10:14 |
| OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
| Tags: | |
| Indicators: | |
| MD5: | 5A3FD0149276A2A45424EC348C79C39C |
| SHA1: | EBBFE4C22A3FA84922168BF3BBA19460155052DD |
| SHA256: | D11FD0427142E8613A2D353E68983C694323E766CF756996EC6A711E29D220BF |
| SSDEEP: | 3:N8DSLTKSFScaFJp:2OLTKSFuFz |
MALICIOUS
Changes settings of System certificates
- DownloadUpdateInfo.tmp (PID: 3988)
- PDFCreator-3_4_1-Setup[1].tmp (PID: 3840)
- architect-setup.exe (PID: 3752)
Registers / Runs the DLL via REGSVR32.EXE
- architect-setup.exe (PID: 3752)
Application was dropped or rewritten from another process
- PDF_Architect_7_Installer.exe (PID: 480)
- PDFCreator.exe (PID: 4076)
- SetupHelper.exe (PID: 2184)
- SetupHelper.exe (PID: 3168)
- installer.exe (PID: 2616)
- GenericSetup.exe (PID: 3376)
- GenericSetup.exe (PID: 2928)
- PrinterHelper.exe (PID: 2152)
- OfferInstaller.exe (PID: 2344)
- jxc5rcxs.ktx.exe (PID: 3572)
- WebCompanionInstaller.exe (PID: 2824)
Loads dropped or rewritten executable
- spoolsv.exe (PID: 1196)
- PDFCreator.exe (PID: 4076)
- RegAsm.exe (PID: 2408)
- GenericSetup.exe (PID: 2928)
- GenericSetup.exe (PID: 3376)
- DllHost.exe (PID: 3584)
- regsvr32.exe (PID: 688)
- SetupHelper.exe (PID: 3168)
- RegAsm.exe (PID: 2332)
- OfferInstaller.exe (PID: 2344)
- SetupHelper.exe (PID: 2184)
- WebCompanionInstaller.exe (PID: 2824)
LAVASOFT was detected
- installer.exe (PID: 2616)
Downloads executable files from the Internet
- OfferInstaller.exe (PID: 2344)
SUSPICIOUS
Executable content was dropped or overwritten
- PDFCreator-3_4_1-Setup[1].exe (PID: 2336)
- iexplore.exe (PID: 2940)
- PDFCreator-3_4_1-Setup[1].exe (PID: 3184)
- DownloadUpdateInfo.tmp (PID: 3988)
- PDFCreator-3_4_1-Setup[1].tmp (PID: 3840)
- DownloadUpdateInfo.exe (PID: 3500)
- architect-setup.exe (PID: 3752)
- spoolsv.exe (PID: 1196)
- InstallCheck.exe (PID: 4080)
- lsop.exe (PID: 2592)
- PrinterHelper.exe (PID: 2152)
- InstallCheck.tmp (PID: 3912)
- OfferInstaller.exe (PID: 2344)
- jxc5rcxs.ktx.exe (PID: 3572)
Adds / modifies Windows certificates
- DownloadUpdateInfo.tmp (PID: 3988)
- PDFCreator-3_4_1-Setup[1].tmp (PID: 3840)
- architect-setup.exe (PID: 3752)
Starts itself from another location
- architect-setup.exe (PID: 3752)
Creates COM task schedule object
- RegAsm.exe (PID: 2408)
- regsvr32.exe (PID: 688)
- RegAsm.exe (PID: 2332)
Creates files in the program directory
- RegAsm.exe (PID: 2408)
- PrinterHelper.exe (PID: 2152)
- WebCompanionInstaller.exe (PID: 2824)
Removes files from Windows directory
- spoolsv.exe (PID: 1196)
- PrinterHelper.exe (PID: 2152)
Creates files in the Windows directory
- PrinterHelper.exe (PID: 2152)
- spoolsv.exe (PID: 1196)
Reads Environment values
- GenericSetup.exe (PID: 2928)
- GenericSetup.exe (PID: 3376)
- OfferInstaller.exe (PID: 2344)
Reads Windows owner or organization settings
- GenericSetup.exe (PID: 2928)
- GenericSetup.exe (PID: 3376)
- OfferInstaller.exe (PID: 2344)
Reads the Windows organization settings
- GenericSetup.exe (PID: 2928)
- GenericSetup.exe (PID: 3376)
- OfferInstaller.exe (PID: 2344)
Searches for installed software
- PDFCreator.exe (PID: 4076)
- GenericSetup.exe (PID: 3376)
Application launched itself
- GenericSetup.exe (PID: 2928)
Starts CMD.EXE for commands execution
- OfferInstaller.exe (PID: 2344)
Starts SC.EXE for service management
- WebCompanionInstaller.exe (PID: 2824)
INFO
Application launched itself
- iexplore.exe (PID: 2684)
Changes internet zones settings
- iexplore.exe (PID: 2684)
Reads settings of System Certificates
- iexplore.exe (PID: 2940)
- iexplore.exe (PID: 2684)
Changes settings of System certificates
- iexplore.exe (PID: 2684)
Reads Internet Cache Settings
- iexplore.exe (PID: 2940)
- iexplore.exe (PID: 3408)
Application was dropped or rewritten from another process
- PDFCreator-3_4_1-Setup[1].tmp (PID: 3840)
- PDFCreator-3_4_1-Setup[1].tmp (PID: 304)
- DownloadUpdateInfo.tmp (PID: 3988)
- DownloadUpdateInfo.exe (PID: 3500)
- lsop.exe (PID: 2592)
- architect-setup.exe (PID: 3752)
- InstallCheck.tmp (PID: 3912)
- InstallCheck.exe (PID: 4080)
Creates files in the user directory
- iexplore.exe (PID: 2940)
- FlashUtil32_26_0_0_131_ActiveX.exe (PID: 3316)
- iexplore.exe (PID: 3408)
Reads internet explorer settings
- iexplore.exe (PID: 2940)
- iexplore.exe (PID: 3408)
Adds / modifies Windows certificates
- iexplore.exe (PID: 2684)
Loads dropped or rewritten executable
- PDFCreator-3_4_1-Setup[1].tmp (PID: 3840)
- DownloadUpdateInfo.tmp (PID: 3988)
- InstallCheck.tmp (PID: 3912)
- architect-setup.exe (PID: 3752)
Dropped object may contain Bitcoin addresses
- architect-setup.exe (PID: 3752)
- PDFCreator-3_4_1-Setup[1].tmp (PID: 3840)
Creates files in the program directory
- architect-setup.exe (PID: 3752)
- PDFCreator-3_4_1-Setup[1].tmp (PID: 3840)
Creates a software uninstall entry
- PDFCreator-3_4_1-Setup[1].tmp (PID: 3840)
Searches for installed software
- msiexec.exe (PID: 1920)
Low-level read access rights to disk partition
- vssvc.exe (PID: 3352)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
Total processes
84
Monitored processes
36
Malicious processes
19
Suspicious processes
3
Behavior graph
Click at the process to see the details
Process information
PID | CMD | Path | Indicators | Parent process | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 304 | "C:\Users\admin\AppData\Local\Temp\is-131IL.tmp\PDFCreator-3_4_1-Setup[1].tmp" /SL5="$3022E,36058111,57856,C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0488CJO\PDFCreator-3_4_1-Setup[1].exe" | C:\Users\admin\AppData\Local\Temp\is-131IL.tmp\PDFCreator-3_4_1-Setup[1].tmp | — | PDFCreator-3_4_1-Setup[1].exe | |||||||||||
User: admin Integrity Level: MEDIUM Description: Setup/Uninstall Exit code: 0 Version: 51.52.0.0 Modules
| |||||||||||||||
| 480 | "C:\ProgramData\PDF Architect 7\Installation\PDF_Architect_7_Installer.exe" /RegServer | C:\ProgramData\PDF Architect 7\Installation\PDF_Architect_7_Installer.exe | — | architect-setup.exe | |||||||||||
User: admin Company: © pdfforge GmbH. Integrity Level: HIGH Description: PDF Architect 7 Installer Exit code: 0 Version: 7.0.21.1534 Modules
| |||||||||||||||
| 688 | regsvr32.exe /s "C:\ProgramData\PDF Architect 7\Installation\Statistics.dll" | C:\Windows\system32\regsvr32.exe | — | architect-setup.exe | |||||||||||
User: admin Company: Microsoft Corporation Integrity Level: HIGH Description: Microsoft(C) Register Server Exit code: 0 Version: 6.1.7600.16385 (win7_rtm.090713-1255) Modules
| |||||||||||||||
| 1196 | C:\Windows\System32\spoolsv.exe | C:\Windows\System32\spoolsv.exe | services.exe | ||||||||||||
User: SYSTEM Company: Microsoft Corporation Integrity Level: SYSTEM Description: Spooler SubSystem App Exit code: 0 Version: 6.1.7600.16385 (win7_rtm.090713-1255) Modules
| |||||||||||||||
| 1772 | "sc.exe" failure WCAssistantService reset= 30 actions= restart/60000 | C:\Windows\system32\sc.exe | — | WebCompanionInstaller.exe | |||||||||||
User: admin Company: Microsoft Corporation Integrity Level: HIGH Description: A tool to aid in developing services for WindowsNT Exit code: 0 Version: 6.1.7600.16385 (win7_rtm.090713-1255) Modules
| |||||||||||||||
| 1920 | C:\Windows\system32\msiexec.exe /V | C:\Windows\system32\msiexec.exe | — | services.exe | |||||||||||
User: SYSTEM Company: Microsoft Corporation Integrity Level: SYSTEM Description: Windows® installer Exit code: 0 Version: 5.0.7600.16385 (win7_rtm.090713-1255) Modules
| |||||||||||||||
| 2152 | "C:\Program Files\PDFCreator\PrinterHelper.exe" /InstallPrinter "PDFCreator" /PortApplication "C:\Program Files\PDFCreator\PDFCreator.exe" /Log "C:\Program Files\PDFCreator\PrinterHelperSetupLog.txt" | C:\Program Files\PDFCreator\PrinterHelper.exe | PDFCreator-3_4_1-Setup[1].tmp | ||||||||||||
User: admin Company: pdfforge Integrity Level: HIGH Description: PrinterHelper Exit code: 0 Version: 1.6.1 Modules
| |||||||||||||||
| 2184 | "C:\Program Files\PDFCreator\SetupHelper.exe" /FileExtensions=Add | C:\Program Files\PDFCreator\SetupHelper.exe | — | PDFCreator-3_4_1-Setup[1].tmp | |||||||||||
User: admin Company: pdfforge Integrity Level: HIGH Description: SetupHelper Exit code: 0 Version: 1.2.0.0 Modules
| |||||||||||||||
| 2332 | "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" "C:\Program Files\PDFCreator\PDFCreatorShell.dll" /codebase | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | — | SetupHelper.exe | |||||||||||
User: admin Company: Microsoft Corporation Integrity Level: HIGH Description: Microsoft .NET Assembly Registration Utility Exit code: 0 Version: 4.6.1055.0 built by: NETFXREL2 Modules
| |||||||||||||||
| 2336 | "C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0488CJO\PDFCreator-3_4_1-Setup[1].exe" | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0488CJO\PDFCreator-3_4_1-Setup[1].exe | iexplore.exe | ||||||||||||
User: admin Company: pdfforge GmbH Integrity Level: MEDIUM Description: PDFCreator is the easy way of creating PDFs. Exit code: 0 Version: 3.4.1 Modules
| |||||||||||||||
Total events
7 027
Read events
4 012
Write events
2 961
Delete events
54
Modification events
| (PID) Process: | (2684) iexplore.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main |
| Operation: | write | Name: | CompatibilityFlags |
Value: 0 | |||
| (PID) Process: | (2684) iexplore.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap |
| Operation: | write | Name: | UNCAsIntranet |
Value: 0 | |||
| (PID) Process: | (2684) iexplore.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap |
| Operation: | write | Name: | AutoDetect |
Value: 1 | |||
| (PID) Process: | (2684) iexplore.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones |
| Operation: | write | Name: | SecuritySafe |
Value: 1 | |||
| (PID) Process: | (2684) iexplore.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings |
| Operation: | write | Name: | ProxyEnable |
Value: 0 | |||
| (PID) Process: | (2684) iexplore.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections |
| Operation: | write | Name: | SavedLegacySettings |
Value: 460000006E000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000 | |||
| (PID) Process: | (2684) iexplore.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Recovery\Active |
| Operation: | write | Name: | {8B44B789-6A88-11E9-B3B3-5254004A04AF} |
Value: 0 | |||
| (PID) Process: | (2684) iexplore.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore |
| Operation: | write | Name: | Type |
Value: 4 | |||
| (PID) Process: | (2684) iexplore.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore |
| Operation: | write | Name: | Count |
Value: 1 | |||
| (PID) Process: | (2684) iexplore.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore |
| Operation: | write | Name: | Time |
Value: E307040001001D000E000A001E008F03 | |||
Executable files
125
Suspicious files
33
Text files
486
Unknown types
83
Dropped files
PID | Process | Filename | Type | |
|---|---|---|---|---|
| 2684 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H6QNMHE9\favicon[1].ico | — | |
MD5:— | SHA256:— | |||
| 2684 | iexplore.exe | C:\Users\admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico | — | |
MD5:— | SHA256:— | |||
| 2940 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FDGAF34L\download[1].txt | — | |
MD5:— | SHA256:— | |||
| 2940 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\History\Low\History.IE5\index.dat | dat | |
MD5:— | SHA256:— | |||
| 2940 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat | dat | |
MD5:— | SHA256:— | |||
| 2940 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FDGAF34L\css[2].txt | text | |
MD5:— | SHA256:— | |||
| 2940 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3EXDUV2C\css___8fkY7jVqo-4Ndej3PV4tlmXwf6Tj-ux0JVokdyQ_Ks__s8tdIiouFTtEFxzBRer5SnAvvPF65Ra7VT2yl129omg__MLpbAoCTnQWzzEdr73bEIbJjLal-mpOHtcyYK5bbGLw[1].css | text | |
MD5:— | SHA256:— | |||
| 2940 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3EXDUV2C\js[1] | — | |
MD5:— | SHA256:— | |||
| 2940 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZWLWC5YS\css[1].txt | text | |
MD5:— | SHA256:— | |||
| 2940 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FDGAF34L\css[1].txt | text | |
MD5:— | SHA256:— | |||
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
122
TCP/UDP connections
136
DNS requests
49
Threats
7
HTTP requests
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
|---|---|---|---|---|---|---|---|---|---|
2940 | iexplore.exe | GET | 200 | 216.239.32.21:80 | http://download.pdfforge.org/styles/overwrite.css | US | text | 1.53 Kb | malicious |
2940 | iexplore.exe | GET | 200 | 216.239.32.21:80 | http://download.pdfforge.org/scripts/vendor/modernizr.js | US | html | 4.95 Kb | malicious |
2940 | iexplore.exe | GET | 404 | 216.239.32.21:80 | http://download.pdfforge.org/themes/pdfcreator/fonts/OpenSans-Regular-webfont.eot? | US | html | 330 b | malicious |
2940 | iexplore.exe | GET | 200 | 8.248.113.254:80 | http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab | US | compressed | 55.6 Kb | whitelisted |
2940 | iexplore.exe | GET | 200 | 216.239.32.21:80 | http://download.pdfforge.org/styles/ie.css | US | text | 210 b | malicious |
2940 | iexplore.exe | GET | 200 | 216.239.32.21:80 | http://download.pdfforge.org/styles/screen.css | US | text | 42.4 Kb | malicious |
2940 | iexplore.exe | GET | 404 | 216.239.32.21:80 | http://download.pdfforge.org/stylesheets/fonts/bootstrap/glyphicons-halflings-regular.eot? | US | html | 338 b | malicious |
2940 | iexplore.exe | GET | 200 | 216.239.32.21:80 | http://download.pdfforge.org/images/base/en_logo.png | US | image | 11.3 Kb | malicious |
2940 | iexplore.exe | GET | 200 | 172.217.22.42:80 | http://fonts.googleapis.com/css?family=Roboto+Slab | US | text | 173 b | whitelisted |
2940 | iexplore.exe | GET | 200 | 216.239.32.21:80 | http://download.pdfforge.org/scripts/vendor/adsense_cse.js | US | text | 1.01 Kb | malicious |
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
Connections
PID | Process | IP | Domain | ASN | CN | Reputation |
|---|---|---|---|---|---|---|
2684 | iexplore.exe | 204.79.197.200:80 | www.bing.com | Microsoft Corporation | US | whitelisted |
2940 | iexplore.exe | 178.33.77.134:443 | www.pdfforge.org | OVH SAS | FR | malicious |
2940 | iexplore.exe | 172.217.22.42:443 | fonts.googleapis.com | Google Inc. | US | whitelisted |
2940 | iexplore.exe | 172.217.16.138:443 | maps.googleapis.com | Google Inc. | US | whitelisted |
2940 | iexplore.exe | 74.125.140.82:443 | html5shiv.googlecode.com | Google Inc. | US | whitelisted |
2940 | iexplore.exe | 216.58.206.3:443 | fonts.gstatic.com | Google Inc. | US | whitelisted |
2940 | iexplore.exe | 172.217.22.46:443 | www.google-analytics.com | Google Inc. | US | whitelisted |
2940 | iexplore.exe | 172.217.21.226:443 | pagead2.googlesyndication.com | Google Inc. | US | whitelisted |
2940 | iexplore.exe | 13.35.253.117:443 | clientcdn.pushengage.com | — | US | suspicious |
2940 | iexplore.exe | 8.248.113.254:80 | www.download.windowsupdate.com | Level 3 Communications, Inc. | US | suspicious |
DNS requests
Domain | IP | Reputation |
|---|---|---|
www.bing.com |
| whitelisted |
www.pdfforge.org |
| unknown |
fonts.googleapis.com |
| whitelisted |
maps.googleapis.com |
| whitelisted |
ajax.googleapis.com |
| whitelisted |
html5shiv.googlecode.com |
| whitelisted |
fonts.gstatic.com |
| whitelisted |
www.google-analytics.com |
| whitelisted |
pagead2.googlesyndication.com |
| whitelisted |
clientcdn.pushengage.com |
| shared |
Threats
PID | Process | Class | Message |
|---|---|---|---|
2940 | iexplore.exe | Generic Protocol Command Decode | SURICATA STREAM excessive retransmissions |
3840 | PDFCreator-3_4_1-Setup[1].tmp | Generic Protocol Command Decode | SURICATA STREAM excessive retransmissions |
2616 | installer.exe | A Network Trojan was detected | ET MALWARE Lavasoft PUA/Adware Client Install |
2344 | OfferInstaller.exe | Potential Corporate Privacy Violation | ET POLICY PE EXE or DLL Windows file download HTTP |
2344 | OfferInstaller.exe | Potentially Bad Traffic | ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download |
2344 | OfferInstaller.exe | Misc activity | ET INFO EXE - Served Attached HTTP |
2824 | WebCompanionInstaller.exe | Generic Protocol Command Decode | SURICATA STREAM excessive retransmissions |
Process | Message |
|---|---|
GenericSetup.exe |
*** Status originated: -1072365543
*** Source File: d:\iso_whid\x86fre\base\isolation\id_parser.cpp, line 352
|
GenericSetup.exe |
*** Status propagated: -1072365543
*** Source File: d:\iso_whid\x86fre\base\isolation\com\identityauthority.cpp, line 147
|
WebCompanionInstaller.exe | Detecting windows culture
|
WebCompanionInstaller.exe | 4/29/2019 3:15:15 PM :-> Starting installer 4.6.1974.3869 with: .\WebCompanionInstaller.exe --partner=PF170501 --version=4.6.1974.3869 --prod --silent --homepage=1 --search=1 --partner=PF170501, Run as admin: True
|
WebCompanionInstaller.exe | Preparing for installing Web Companion
|
WebCompanionInstaller.exe | 4/29/2019 3:15:16 PM :-> Generating Machine and Install Id ...
|
WebCompanionInstaller.exe | 4/29/2019 3:15:16 PM :-> Machine Id and Install Id has been generated
|
WebCompanionInstaller.exe | 4/29/2019 3:15:16 PM :-> Checking prerequisites ...
|
WebCompanionInstaller.exe | 4/29/2019 3:15:16 PM :-> Antivirus not detected
|
WebCompanionInstaller.exe | 4/29/2019 3:15:17 PM :-> vm_check False
|