PC Performer

Category: Adware and PUAs Protection available since: 10 Feb 2012 02:09:29 (GMT)
Type: Unspecified PUA Last updated: 27 Jun 2014 03:34:16 (GMT)

Examples of PC Performer include:

Example 1

File Information

Size
7.4M
SHA-1
83385c7518d52688d2aad94dc50e18b097b319d4
MD5
fcc40b95e7ac2cb6e5a4d5337cf86dbd
CRC-32
7c114cfb
File type
Windows executable
First seen
2012-02-08

Example 2

File Information

Size
3.4M
SHA-1
a75f9c795833f6bf3e9727a50d8058ed7d041049
MD5
d273713f5fd180b527bc1369a4d2d353
CRC-32
78dd427e
File type
Windows executable
First seen
2011-11-25

Runtime Analysis

Dropped Files
  • C:\Documents and Settings\All Users\Desktop\PC Performer.lnk
    Size
    725
    SHA-1
    4ad2152055a7fda6f8b60eed1f0070e3c2fd86b7
    MD5
    b75f73e078ae8090554f59d67445d9bb
    CRC-32
    fce2f289
    File type
    Windows Shortcut file (.LNK)
    First seen
    2014-06-25
  • C:\Program Files\PC Performer\Danish_rcp.ini
  • C:\Program Files\PC Performer\install_left_image.bmp
  • C:\Program Files\PC Performer\portugese_rcp_pt.ini
  • C:\Documents and Settings\All Users\Start Menu\Programs\PC Performer\PC Performer.lnk
    Size
    737
    SHA-1
    02787f4ce2bb9000053a6f1160f533914a685f88
    MD5
    58c70fcf2731321b23c3301943a223e4
    CRC-32
    87d79fab
    File type
    Windows Shortcut file (.LNK)
    First seen
    2014-06-25
  • C:\Documents and Settings\All Users\Start Menu\Programs\PC Performer\Register PC Performer.lnk
    Size
    763
    SHA-1
    1e048c19e84b4b79e9284cf50372121f9aeb0c7d
    MD5
    78a983a3fef6da4312a57f52f4f285c3
    CRC-32
    0b0c6bc2
    File type
    Windows Shortcut file (.LNK)
    First seen
    2014-06-25
  • C:\Program Files\PC Performer\russian_rcp_ru.ini
  • C:\Program Files\PC Performer\isxdl.dll
  • C:\Program Files\PC Performer\Spanish_rcp.ini
  • C:\Program Files\PC Performer\PCPerformer.exe
    Size
    7.4M
    SHA-1
    83385c7518d52688d2aad94dc50e18b097b319d4
    MD5
    fcc40b95e7ac2cb6e5a4d5337cf86dbd
    CRC-32
    7c114cfb
    File type
    Windows executable
    First seen
    2012-02-08
  • C:\Program Files\PC Performer\Chinese_rcp.ini
  • C:\Program Files\PC Performer\Norwegian_rcp.ini
  • C:\Program Files\PC Performer\Italian_rcp.ini
  • C:\Program Files\PC Performer\German_rcp.ini
  • C:\Program Files\PC Performer\korean_rcp_ko.ini
  • C:\WINDOWS\system32\roboot.exe
  • C:\Program Files\PC Performer\unins000.exe
  • c:\Documents and Settings\test user\Application Data\PerformerSoft\PC Performer\eng_rcp.dat
  • C:\Program Files\PC Performer\unins000.dat
    Size
    37K
    SHA-1
    6288cec752d24baaa12d7b230df3054c4a84942d
    MD5
    8e8df74102c5de6bb7a02e796664b8fc
    CRC-32
    9f5ac7f1
    File type
    Unspecified binary - probably data
    First seen
    2014-06-25
  • C:\Program Files\PC Performer\Swedish_rcp.ini
  • C:\Program Files\PC Performer\PCPerformer.dll
  • C:\Program Files\PC Performer\Beforeuninstall.exe
  • C:\Program Files\PC Performer\polish_rcp_pl.ini
  • c:\Documents and Settings\test user\Application Data\PerformerSoft\PC Performer\log_06-25-2014.log
  • C:\Documents and Settings\All Users\Start Menu\Programs\PC Performer\Uninstall PC Performer.lnk
    Size
    722
    SHA-1
    e7ca39f646cccd99ada8c69892d7334fd23ec376
    MD5
    6cf1ae883c35675990b27c99366b2cfc
    CRC-32
    48f94183
    File type
    Windows Shortcut file (.LNK)
    First seen
    2014-06-25
  • C:\Program Files\PC Performer\Finnish_rcp_fi.ini
  • C:\Program Files\PC Performer\TraditionalCn_rcp_zh-tw.ini
  • C:\Program Files\PC Performer\CleanSchedule.exe
  • C:\Program Files\PC Performer\Portuguese_rcp.ini
  • C:\Program Files\PC Performer\turkish_rcp_tr.ini
  • C:\Program Files\PC Performer\Japanese_rcp.ini
  • C:\Program Files\PC Performer\eng_rcp.ini
  • C:\Program Files\PC Performer\xmllite.dll
  • C:\Program Files\PC Performer\unins000.msg
  • C:\WINDOWS\Tasks\PC Performer_UPDATES.job
    Size
    276
    SHA-1
    899b178b0f8e0ad954cf9f4086d1df915faca2fe
    MD5
    cc14b901addeaf7f51fc8b10576394c5
    CRC-32
    62c7906f
    File type
    .JOB File Format
    First seen
    2014-06-25
  • C:\Program Files\PC Performer\French_rcp.ini
  • C:\WINDOWS\Tasks\PC Performer_DEFAULT.job
    Size
    268
    SHA-1
    c2ce8cba9a4aae44d0ba6db29b8f9dec61d81702
    MD5
    1cbe5c84bb37c25b92729b6a3d537a05
    CRC-32
    15b48787
    File type
    .JOB File Format
    First seen
    2014-06-25
  • C:\Program Files\PC Performer\Dutch_rcp.ini
  • C:\Program Files\PC Performer\greek_rcp_el.ini
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Performer_is1
    MinorVersion
    0x0000000a
  • HKLM\SOFTWARE\PerformerSoft
    MachineID
  • HKCR\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}\InprocServer32
    ThreadingModel
    Both
  • HKCU\Software\PerformerSoft\PC Performer\LANG
    LangID
    0x00000000
  • HKCU\Software\PerformerSoft
    MachineID
  • HKLM\SOFTWARE\PerformerSoft\PC Performer\LANG
    LangID
    0x00000000
  • HKLM\SOFTWARE\PerformerSoft\PC Performer
    Expired
    0x00000000
  • HKCU\Software\Licenses
    {0B278E36AA51C7412}
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    RDReminder
    C:\Program Files\PC Performer\PCPerformer.exe -rem
  • HKCU\Software\PerformerSoft\PC Performer
    FirstRun
    0x00000001
Registry Keys Modified
  • HKLM\SYSTEM\CurrentControlSet\Services\Schedule
    Start
    0x00000002
Processes Created
  • c:\docume~1\support\locals~1\temp\is-26jls.tmp\sample.tmp
  • c:\program files\pc performer\pcperformer.exe
HTTP Requests
  • http://www.performersoft.com/pcperformer/thankyou.php
DNS Requests
  • www.performersoft.com

Example 3

File Information

Size
598K
SHA-1
faf63e959d07deca60151924cf63e31b171a1348
MD5
a290a6e6b761038aae88c550f0aedd40
CRC-32
344a2758
File type
Windows executable
First seen
2012-07-01

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Temp\PC Performer43559.exe
Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ajax-loader.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\lbg-top.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\main.css
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ajax-loader2.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\lbg-bottom.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\js\config.js
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1922_attr_3.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\b4.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\pb-bg-right.jpg
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_2203_attr_3.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\pb-bg.jpg
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\pb-bg-left.jpg
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\red-pb-act.jpg
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\red-pb-act-left.jpg
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\template_40.png
  • c:\Documents and Settings\test user\Local Settings\Temp\~3A6.tmp
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1919_attr_46.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1921_feature_.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1920_attr_15.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1918_attr_46.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\corn1.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\js\smart.js
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\corn4.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1929_attr_46.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1919_attr_3.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_2048_attr_15.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\red-pb-act-right.jpg
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_2203_attr_15.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\check.jpg
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1925_attr_46.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1918_attr_3.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\corn3.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\js\jquery-1.7.min.js
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1920_attr_3.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1918_feature_.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\trust.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1921_attr_46.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\js\jquery.noselect.min.js
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_2048_attr_46.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\b-bg.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\1925.html
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1922_attr_46.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1919_feature_.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1926_attr_3.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\1922.html
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1929_attr_3.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1920_feature_.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\events\events.js
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\b3.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1925_attr_3.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1922_feature_205.png
  • c:\Documents and Settings\test user\Local Settings\Temp\2.tmp
  • c:\Documents and Settings\test user\Desktop\Continue PC Performer installation.lnk
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\component_442.part
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1925_attr_15.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\2048.html
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\2203.html
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1926_attr_46.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\1926.html
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\1920.html
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\1929.html
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\mid.jpg
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1920_attr_46.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\corn2.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\1921.html
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\arrow.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\btn2.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\center2.jpg
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_2203_attr_46.bmp
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\arrow.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\1918.html
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_2048_attr_3.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\btn.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\1919.html
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\component_360
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\page_1921_attr_3.png
  • c:\Documents and Settings\test user\Local Settings\Temp\ibtmp3f6c444\config\ib\lbg.gif
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    PC Performer43559.exe
    "C:\DOCUME~1\support\LOCALS~1\Temp\PC Performer43559.exe" /XML="C:\DOCUME~1\support\LOCALS~1\Temp\2.tmp" /STP=0:1
Processes Created
  • c:\docume~1\support\locals~1\temp\3.tmp
HTTP Requests
  • http://s3.amazonaws.com/installbrain/bootstrap/444/start.cf
  • http://s3.amazonaws.com/installbrain/bootstrap/444/startgui.cf
  • http://s3.amazonaws.com/installbrain/components/BabProtectSetupv3.cf
  • http://s3.amazonaws.com/installbrain/components/ibarioinstallerv4.cf
  • http://s3.amazonaws.com/installbrain/conditions/bandoocheck.exe
  • http://stats-182385724-1591972470.us-east-1.elb.amazonaws.com/installer/bootstrap.php
DNS Requests
  • d2qsma9t6l5kt7.cloudfront.net
  • s3.amazonaws.com
  • stats-182385724-1591972470.us-east-1.elb.amazonaws.com
  • www.bit89.com
