Analysis Overview
SHA256: f84552f506989cca3d3b592a9020931715b5a6675dbe44c9d1fdea36646537c6
Threat Level: Likely malicious
The file outbyte-driver-updater.exe was found to be: Likely malicious.
Malicious Activity Summary
Drops file in Drivers directory
Checks BIOS information in registry
Reads user/profile data of web browsers
Writes to the Master Boot Record (MBR)
Enumerates connected drives
Downloads MZ/PE file
Drops file in System32 directory
Launches sc.exe
Loads dropped DLL
Drops file in Program Files directory
Executes dropped EXE
Registers COM server for autorun
Drops file in Windows directory
Checks installed software on the system
Enumerates physical storage devices
Suspicious behavior: EnumeratesProcesses
Enumerates system info in registry
Suspicious use of AdjustPrivilegeToken
Modifies data under HKEY_USERS
Suspicious behavior: LoadsDriver
Suspicious use of FindShellTrayWindow
Uses Volume Shadow Copy service COM API
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Checks processor information in registry
Checks SCSI registry key(s)
Modifies registry class
Modifies system certificate store
Suspicious use of WriteProcessMemory
Analysis: static1
Detonation Overview
Reported: 2024-06-14 09:43
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-06-14 09:43
Reported: 2024-06-14 09:46
Platform: win11-20240611-en
Max time kernel: 187s
Max time network: 203s
Signatures
Drops file in Drivers directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\System32\drivers\storahci.sys | C:\Windows\system32\DrvInst.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\Installer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Local\Temp\is-29417508.tmp\Installer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe | N/A |
Reads user/profile data of web browsers
Downloads MZ/PE file
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\F: | C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe | N/A |
| File opened (read-only) | \??\F: | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe | N/A |
| File opened for modification | \??\PHYSICALDRIVE0 | C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe | N/A |
Drops file in System32 directory
Checks installed software on the system
Drops file in Program Files directory
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\inf\oem3.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\inf\oem3.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Program Files (x86)\Outbyte\Driver Updater\driverinstaller64.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\svchost.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\Installer.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Outbyte\Driver Updater\ServiceHelper.Agent.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| N/A | N/A | C:\ProgramData\Outbyte\Driver Updater\2.x\Temp\setup_pcrepair.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-29417508.tmp\Installer.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Outbyte\PC Repair\ServiceHelper.Agent.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Outbyte\Driver Updater\driverinstaller64.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe | N/A |
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
Loads dropped DLL
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{93469602-4134-4012-A6BC-E58C2E9A7D28}\InprocServer32 | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{93469602-4134-4012-A6BC-E58C2E9A7D28}\InprocServer32\ = "C:\\PROGRA~2\\Outbyte\\PCREPA~1\\BROWSE~3.DLL" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{93469602-4134-4012-A6BC-E58C2E9A7D28}\InprocServer32\ThreadingModel = "Free" | C:\Windows\system32\regsvr32.exe | N/A |
Enumerates physical storage devices
Checks SCSI registry key(s)
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0003 | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0004\ | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005\ | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0008 | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005\ | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\HardwareID | C:\Program Files (x86)\Outbyte\Driver Updater\driverinstaller64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0004\ | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\CompatibleIDs | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\DeviceDesc | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Mfg | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0009\ | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0003\ | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 | C:\Windows\system32\svchost.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache | C:\Windows\system32\vssvc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\CompatibleIDs | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0002\ | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0006 | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Program Files (x86)\Outbyte\Driver Updater\driverinstaller64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0002\ | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0002 | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID | C:\Program Files (x86)\Outbyte\Driver Updater\driverinstaller64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0009 | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Program Files (x86)\Outbyte\Driver Updater\driverinstaller64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\DeviceDesc | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0006 | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0009\ | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0003\ | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosDate | C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-69E12C17AF7C}\1.0\FLAGS\ = "0" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{93469602-4134-4012-A6BC-E58C2E9A7D28}\AppID = "{93469602-4134-4012-A6BC-E58C2E9A7D28}" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{93469602-4134-4012-A6BC-E58C2E9A7D28}\TypeLib | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{368CE22E-C2E8-98C1-49B7-049B4CA38EC3}\Version\Assembly | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{368CE22E-05A6-98C1-49B7-75A8B3B27F37}\Version\Assembly | C:\Users\Admin\AppData\Local\Temp\is-29417508.tmp\Installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{93469602-4134-4012-A6BC-F5ED88675F39}\ProgID\ = "BrowserPluginsAgentCOM32.BrowserPluginsAgent32" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{93469602-4134-4012-A6BC-F5ED88675F39}\Version | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID | C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\odu\shell\open\command | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{93469602-4134-4012-A6BC-F5ED88675F39}\DllSurrogate | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{93469602-4134-4012-A6BC-F5ED88675F39}\ProgID | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{93469602-4134-4012-A6BC-F5ED88675F39}\TypeLib\ = "{F2C6F7D1-ED32-49E5-9919-FDF6143A53E1}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node | C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\Installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-69E12C17AF7C}\1.0\HELPDIR\ = "C:\\Program Files (x86)\\Outbyte\\PC Repair\\" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3CC2E0D5-193C-4192-B8BA-AFEF0AB6A2FD}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3CC2E0D5-193C-4192-B8BA-AFEF0AB6A2FD}\TypeLib\Version = "1.0" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-FDF6143A53E1}\1.0\FLAGS\ = "0" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A3310BE-83DD-4E80-AC51-242D3A7D7F73}\TypeLib\Version = "1.0" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\odu\ = "URL:odu" | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\BrowserPluginsAgentCOM64.BrowserPluginsAgent64\ = "Outbyte BrowserPluginsAgent64" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{93469602-4134-4012-A6BC-E58C2E9A7D28}\Version | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{93469602-4134-4012-A6BC-E58C2E9A7D28}\TypeLib\ = "{F2C6F7D1-ED32-49E5-9919-69E12C17AF7C}" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-FDF6143A53E1}\1.0\HELPDIR | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A3310BE-83DD-4E80-AC51-242D3A7D7F73}\ = "IBrowserPluginsAgent32" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{368CE22E-05A6-98C1-49B7-75A8B3B27F37}\Version | C:\Users\Admin\AppData\Local\Temp\is-29417508.tmp\Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-FDF6143A53E1} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-69E12C17AF7C}\1.0 | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\BrowserPluginsAgentCOM64.BrowserPluginsAgent64\Clsid | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-FDF6143A53E1}\1.0 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node | C:\Users\Admin\AppData\Local\Temp\is-29417508.tmp\Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A3310BE-83DD-4E80-AC51-242D3A7D7F73}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\BrowserPluginsAgentCOM32.BrowserPluginsAgent32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\pcr\shell\open\command | C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{93469602-4134-4012-A6BC-F5ED88675F39} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-69E12C17AF7C}\1.0\ = "BrowserPluginsAgentCOM64" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{93469602-4134-4012-A6BC-E58C2E9A7D28}\Version\ = "1.0" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A3310BE-83DD-4E80-AC51-242D3A7D7F73} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A3310BE-83DD-4E80-AC51-242D3A7D7F73}\TypeLib | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\pcr\shell\open | C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{93469602-4134-4012-A6BC-E58C2E9A7D28}\DllSurrogate | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{93469602-4134-4012-A6BC-E58C2E9A7D28}\InprocServer32\ThreadingModel = "Free" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{93469602-4134-4012-A6BC-F5ED88675F39}\AppID = "{93469602-4134-4012-A6BC-F5ED88675F39}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\BrowserPluginsAgentCOM32.BrowserPluginsAgent32\Clsid | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\pcr | C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1560405787-796225086-678739705-1000_Classes\Local Settings | C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-69E12C17AF7C}\1.0\FLAGS | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3CC2E0D5-193C-4192-B8BA-AFEF0AB6A2FD}\TypeLib\ = "{F2C6F7D1-ED32-49E5-9919-69E12C17AF7C}" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3CC2E0D5-193C-4192-B8BA-AFEF0AB6A2FD}\TypeLib\ = "{F2C6F7D1-ED32-49E5-9919-69E12C17AF7C}" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\BrowserPluginsAgentCOM64.BrowserPluginsAgent64\Clsid\ = "{93469602-4134-4012-A6BC-E58C2E9A7D28}" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A3310BE-83DD-4E80-AC51-242D3A7D7F73} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\BrowserPluginsAgentCOM64.BrowserPluginsAgent64 | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-FDF6143A53E1}\1.0\FLAGS | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-FDF6143A53E1}\1.0\0 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-FDF6143A53E1}\1.0\0\win32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A3310BE-83DD-4E80-AC51-242D3A7D7F73}\TypeLib\Version = "1.0" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{93469602-4134-4012-A6BC-F5ED88675F39}\Version\ = "1.0" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\odu\shell | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID | C:\Users\Admin\AppData\Local\Temp\is-29417508.tmp\Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-69E12C17AF7C} | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F2C6F7D1-ED32-49E5-9919-69E12C17AF7C}\1.0\0\win32 | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3CC2E0D5-193C-4192-B8BA-AFEF0AB6A2FD} | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3CC2E0D5-193C-4192-B8BA-AFEF0AB6A2FD}\ProxyStubClsid32 | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3CC2E0D5-193C-4192-B8BA-AFEF0AB6A2FD}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\odu\URL Protocol | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob | C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4 | C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\Installer.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy service COM API
Processes
C:\Users\Admin\AppData\Local\Temp\outbyte-driver-updater.exe
"C:\Users\Admin\AppData\Local\Temp\outbyte-driver-updater.exe"
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\Installer.exe
"C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\Installer.exe" /spid:3160 /splha:37659456
C:\Program Files (x86)\Outbyte\Driver Updater\ServiceHelper.Agent.exe
"C:\Program Files (x86)\Outbyte\Driver Updater\ServiceHelper.Agent.exe" /install /silent
C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe
"C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe" /Install /AutoStart /CreateOSSnapshot
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\srtasks.exe
C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2
C:\Windows\SysWOW64\sc.exe
sc start OutbyteDUHelper
C:\Program Files (x86)\Outbyte\Driver Updater\ServiceHelper.Agent.exe
"C:\Program Files (x86)\Outbyte\Driver Updater\ServiceHelper.Agent.exe"
C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe
"C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe" /AutoScan /FromInstaller
C:\Windows\system32\srtasks.exe
C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:3
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe" /C "start "title" "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" "https://outbyte.com/software/driver-updater/purchase/?DriversCount=4&softwareCode=driver-updater&registered=false&language=en&_sid=GoLKNIAoQ2&m_=0604182354_src_ag_affiliate_du_jerome-ab_0604182354_vk_odu_2_3_3_31862_b-driver_updater_ver_2_3_3_31862&clkid=rs7acj4d5fbn&utm_source=jerome&utm_medium=affiliate&utm_campaign=du_dll&_ga=1155809935.1717525434&version=2.3.3.31862""
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" "https://outbyte.com/software/driver-updater/purchase/?DriversCount=4&softwareCode=driver-updater&registered=false&language=en&_sid=GoLKNIAoQ2&m_=0604182354_src_ag_affiliate_du_jerome-ab_0604182354_vk_odu_2_3_3_31862_b-driver_updater_ver_2_3_3_31862&clkid=rs7acj4d5fbn&utm_source=jerome&utm_medium=affiliate&utm_campaign=du_dll&_ga=1155809935.1717525434&version=2.3.3.31862"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x10c,0x110,0x114,0xe8,0x118,0x7ff8fc7d3cb8,0x7ff8fc7d3cc8,0x7ff8fc7d3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1944,13869319581813204179,9603094512235392391,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1836 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1944,13869319581813204179,9603094512235392391,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,13869319581813204179,9603094512235392391,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,13869319581813204179,9603094512235392391,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1944,13869319581813204179,9603094512235392391,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3448 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,13869319581813204179,9603094512235392391,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\ProgramData\Outbyte\Driver Updater\2.x\Temp\setup_pcrepair.exe
"C:\ProgramData\Outbyte\Driver Updater\2.x\Temp\setup_pcrepair.exe" /BgdWnd:393806 /BgdMsg:49689 /BgdLanguage:'ENU'
C:\Users\Admin\AppData\Local\Temp\is-29417508.tmp\Installer.exe
"C:\Users\Admin\AppData\Local\Temp\is-29417508.tmp\Installer.exe" /spid:2360 /splha:36545344 /BgdWnd:393806 /BgdMsg:49689 /BgdLanguage:'ENU'
C:\Windows\system32\regsvr32.exe
"C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\Outbyte\PC Repair\BrowserPluginsHelper.Agent.x64.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\Outbyte\PC Repair\BrowserPluginsHelper.Agent.x32.dll"
C:\Program Files (x86)\Outbyte\PC Repair\ServiceHelper.Agent.exe
"C:\Program Files (x86)\Outbyte\PC Repair\ServiceHelper.Agent.exe" /install /silent
C:\Program Files (x86)\Outbyte\PC Repair\ServiceHelper.Agent.exe
"C:\Program Files (x86)\Outbyte\PC Repair\ServiceHelper.Agent.exe"
C:\Program Files (x86)\Outbyte\Driver Updater\driverinstaller64.exe
"C:\Program Files (x86)\Outbyte\Driver Updater\driverinstaller64.exe" "update" "PCI\VEN_8086&DEV_2922" "C:\Users\Admin\AppData\Local\Temp\9C0E465B-F9F2-434A-B9FA-8FACAA23E500\91061eda901e286374f4abca51b64573\ibexahci.inf"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
C:\Windows\system32\DrvInst.exe
DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{492052b4-7db7-ff43-a231-f78d1c9d360f}\ibexahci.inf" "9" "4105f081f" "00000000000000BC" "WinSta0\Default" "0000000000000158" "208" "c:\users\admin\appdata\local\temp\9c0e465b-f9f2-434a-b9fa-8facaa23e500\91061eda901e286374f4abca51b64573"
C:\Windows\system32\DrvInst.exe
DrvInst.exe "2" "11" "PCI\VEN_8086&DEV_2922&SUBSYS_11001AF4&REV_02\3&11583659&0&10" "C:\Windows\INF\oem3.inf" "oem3.inf:5f63e534097746e6:Intel_msahci_Inst:9.1.9.1005:pci\ven_8086&dev_2922," "4105f081f" "00000000000000BC" "d11a"
C:\Windows\system32\DrvInst.exe
DrvInst.exe "2" "11" "PCI\VEN_8086&DEV_2922&SUBSYS_11001AF4&REV_02\3&11583659&0&FA" "C:\Windows\INF\oem3.inf" "oem3.inf:5f63e534097746e6:Intel_msahci_Inst:9.1.9.1005:pci\ven_8086&dev_2922," "4105f081f" "000000000000015C" "d11a"
C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe
"C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe" /Install /SendInfo /AutoStart
C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe
"C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe" /FromInstaller
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa39cd055 /state1:0x41c64e6d
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\WmiApSrv.exe
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 45.33.97.245:443 | store.outbyte.com | tcp |
| US | 45.33.97.245:443 | store.outbyte.com | tcp |
| US | 51.81.185.149:443 | du.outbyte.com | tcp |
| US | 45.33.97.245:443 | store.outbyte.com | tcp |
| US | 45.33.97.245:443 | store.outbyte.com | tcp |
| US | 192.155.86.205:443 | api.outbyte.com | tcp |
| US | 8.8.8.8:53 | 153.101.63.23.in-addr.arpa | udp |
| US | 45.33.97.245:443 | outbyte.com | tcp |
| US | 45.33.97.245:443 | outbyte.com | tcp |
| CA | 149.56.19.59:443 | dynamicdownloads.outbyte.com | tcp |
| US | 51.81.185.149:443 | du.outbyte.com | tcp |
| US | 172.67.148.48:443 | static.outbyte-du.com | tcp |
| BE | 104.90.25.32:80 | x2.c.lencr.org | tcp |
| US | 45.33.97.245:443 | outbyte.com | tcp |
| US | 172.66.43.196:443 | cdn.paddle.com | tcp |
| GB | 216.58.201.110:443 | www.youtube.com | tcp |
| IE | 63.33.186.64:443 | seal.digicert.com | tcp |
| GB | 216.58.201.110:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 196.43.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.186.33.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| GB | 142.250.187.246:443 | i.ytimg.com | tcp |
| GB | 87.248.114.12:443 | s.yimg.com | tcp |
| SE | 23.34.233.58:443 | amplify.outbrain.com | tcp |
| GB | 163.70.147.23:443 | connect.facebook.net | tcp |
| US | 151.101.1.44:443 | cdn.taboola.com | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | tcp |
| CH | 18.165.183.49:443 | static.hotjar.com | tcp |
| RU | 77.88.21.119:443 | mc.yandex.ru | tcp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | 44.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.233.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.183.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.21.88.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| BE | 108.177.15.156:443 | stats.g.doubleclick.net | tcp |
| BE | 108.177.15.156:443 | stats.g.doubleclick.net | tcp |
| BE | 108.177.15.156:443 | stats.g.doubleclick.net | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 45.33.97.245:443 | outbyte.com | tcp |
| US | 51.81.185.149:443 | du.outbyte.com | tcp |
| US | 45.33.97.245:443 | outbyte.com | tcp |
| US | 45.33.97.245:443 | outbyte.com | tcp |
| CA | 54.39.16.131:443 | am.outbyte.com | tcp |
| CA | 54.39.16.131:443 | am.outbyte.com | tcp |
| CA | 54.39.16.131:443 | am.outbyte.com | tcp |
| GB | 104.86.110.120:443 | | tcp |
| US | 104.208.16.92:443 | browser.pipe.aria.microsoft.com | tcp |
| NL | 23.62.61.97:443 | r.bing.com | tcp |
| NL | 23.62.61.97:443 | r.bing.com | tcp |
| NL | 23.62.61.97:443 | r.bing.com | tcp |
| NL | 23.62.61.97:443 | r.bing.com | tcp |
| NL | 23.62.61.97:443 | r.bing.com | tcp |
| NL | 23.62.61.97:443 | r.bing.com | tcp |
| US | 51.81.185.149:443 | du.outbyte.com | tcp |
| US | 150.171.69.254:443 | mcr-ring.msedge.net | tcp |
| US | 152.199.19.161:443 | fp-vp-nocache.azureedge.net | tcp |
| FR | 152.199.21.118:443 | static-ecst.licdn.com | tcp |
| CH | 20.203.155.189:443 | f0cbc747ed9c7c3f1272cbac02787274.azr.footprintdns.com | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\SetupHelper.dll
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\InstallerUtils.dll
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\Installer.exe
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\AxComponentsVCL.bpl
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\AxComponentsRTL.bpl
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\OxComponentsRTL.bpl
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\vclimg250.bpl
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\DriverUpdater.exe
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\Data\main.ini
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\rtl250.bpl
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\vcl250.bpl
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\Lang\enu.lng
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\Localizer.dll
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\GoogleAnalyticsHelperIV.dll
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\CommonForms.Site.dll
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\EULA.rtf
C:\Program Files (x86)\Outbyte\Driver Updater\ServiceHelper.Agent.exe
C:\Users\Admin\AppData\Local\Temp\is-11403371.tmp\__setup\islzma.dll
C:\ProgramData\Outbyte\Driver Updater\2.x\Data\odu_sign.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\ProgramData\Outbyte\Driver Updater\2.x\Temp\setup_pcrepair.exe
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe
C:\Users\Admin\AppData\Local\Temp\{492052b4-7db7-ff43-a231-f78d1c9d360f}\SET45EA.tmp
C:\Users\Admin\AppData\Local\Temp\{492052b4-7db7-ff43-a231-f78d1c9d360f}\SET45D9.tmp
C:\ProgramData\Outbyte\PC Repair\1.x\Data\Mat.Apps.db
C:\ProgramData\Outbyte\PC Repair\1.x\$$$data_1121606632
C:\ProgramData\Outbyte\PC Repair\1.x\$$$data_2121606648
C:\ProgramData\Outbyte\PC Repair\1.x\$$$data_1121606788
C:\Users\Admin\AppData\Local\Temp\$$$prefs.js121607148