Repair-tool.exe

ParetoLogic Inc.

The application Repair-tool.exe, “RegCure Pro Installer” by ParetoLogic has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. This file is typically installed with the program RegCure Pro by ParetoLogic, Inc.. The file has been seen being downloaded from www.helpcomp.com and multiple other hosts.
Publisher:
ParetoLogic, Inc.  (signed by ParetoLogic Inc.)

Description:
RegCure Pro Installer

Version:
3.1.2.0

MD5:
63c3c419200755087c7496933c298f8f

SHA-1:
4d8982e0115b0d5de5e4230dc28f2166cdd2dbb2

SHA-256:
b444b783ecc653b3a2c2a9b4a55b26940397729f4aa1fba540bd7807a2cc334f

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 7:09:08 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.ParetoLogic.Optional.Installer.Meta (L)
16.2.11.23

File size:
4.9 MB (5,162,600 bytes)

Copyright:
Copyright 2012 ParetoLogic, Inc.

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\repair-tool.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
2/23/2011 7:00:00 PM

Valid to:
2/23/2013 6:59:59 PM

Subject:
CN=ParetoLogic Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=ICT, O=ParetoLogic Inc., L=Victoria, S=British Columbia, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2D7970ACEDE16A89733A7817FB81EA1A

File PE Metadata
Compilation timestamp:
2/24/2012 2:19:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:CBdJAOZ9aAvUpQA5SyO7bjsVw6+vqs3imRaiXK6UcepsRX71L7k/u19bEcxt:sd7hvUpQA1PxA3impX5UcepsLJjTt

Entry address:
0x39E3

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 91, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, C0, 82, 40, 00, 6A, 08, A3, B8, 2E, 47, 00, E8, 37, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, D0, 2D, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 93, 40, 00, FF, 15, 84, 81, 40, 00, 68, 04, 93, 40, 00, 68, C0, AD, 46, 00, E8, 19, 27, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 30, 4C, 00, 57, E8, 07, 27, 00, 00...
 
[+]

Entropy:
7.9927  (probably packed)

Code size:
28 KB (28,672 bytes)

The file Repair-tool.exe has been discovered within the following program.

RegCure Pro  by ParetoLogic, Inc.
Publisher's description - “RegCure Pro is packed with the tools you need to boost your PC's speed and performance. Featuring an intuitive interface and easy-to-use work flow, RegCure Pro scans common problem areas - and quickly and safely fixes them.”
www.paretologic.com/products/regcurepro
53% remove it
 
Powered by Should I Remove It?

The file Repair-tool.exe has been seen being distributed by the following 50 URLs.

http://www.helpcomp.com/help/pc/.../downloadw.php?sid=5081471

http://www.helpcomp.com/help/pc/.../downloadw.php?sid=1763263

http://www.helpcomp.com/help/pc/.../downloadf.php?sid=1730231

http://www.helpcomp.com/help/pc/.../downloadf.php?sid=1679211

http://www.helpcomp.com/help/pc/.../downloadw.php?sid=4977585

http://www.helpcomp.com/help/pc/.../downloadc.php?sid=5199585

http://www.supportpc.com/support/download/.../?sid=15693

http://www.helpcomp.com/help/pc/.../downloadc.php?sid=5209634

http://www.helpcomp.com/help/pc/.../downloadw.php?sid=3983039

http://www.supportpc.com/.../download/.../index.php?sid=581599

http://www.helpcomp.com/help/pc/.../downloadw.php?sid=2555372

http://www.helpcomp.com/help/pc/.../downloadw.php?sid=5480620

http://www.supportpc.com/support/download/.../?sid=67302

http://www.helpcomp.com/help/pc/.../downloadf.php?sid=3194088

http://www.helpcomp.com/help/pc/.../downloadc.php?sid=654069

http://www.helpcomp.com/help/pc/.../downloadw.php?sid=1992806

http://www.helpcomp.com/help/pc/.../downloadc.php?sid=3982033

http://www.helpcomp.com/help/pc/.../downloadf.php?sid=783840

http://www.helpcomp.com/help/pc/.../downloadw.php?sid=5370593

http://www.supportpc.com/support/download/.../?sid=394857

http://www.helpcomp.com/help/pc/.../downloadw.php?sid=4757543

http://www.helpcomp.com/help/pc/.../downloadw.php?sid=387190

http://helpcomp.com/help/pc/.../downloadc.php?sid=22157

http://www.helpcomp.com/help/pc/.../downloadf.php?sid=2111044

http://helpcomp.com/help/pc/.../downloadc.php?sid=168978

http://www.helpcomp.com/help/pc/.../downloadw.php?sid=1591762

http://helpcomp.com/help/pc/.../downloadf.php?sid=

http://www.helpcomp.com/help/pc/.../downloadw.php?sid=3983533

http://www.helpcomp.com/help/pc/.../downloadc.php?sid=4322052

Latest 30 of 918 download URLs

Remove Repair-tool.exe - Powered by Reason Core Security