home

PCPowerTray.exe

PC Power Speed

Crawler, LLC

The application PCPowerTray.exe, “PC Power Speed Tray” by Crawler has been detected as a potentially unwanted program by 8 anti-malware scanners. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘PCPowerSpeed’.
Publisher:
Crawler.com  (signed by Crawler, LLC)

Product:
PC Power Speed

Description:
PC Power Speed Tray

Version:
1.1.0.12

MD5:
b8404d4fcc7c514a813d11da58b9588f

SHA-1:
614274165de060b1418ff9b378731adeed3d5590

SHA-256:
d1c2016522620c8b1f1d105d25db61b334a650d5c93725b7f7852aa7ebc8dcfb

Scanner detections:
8 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 3:45:54 AM UTC  (today)

Scan engine
Detection
Engine version

Boost by Reason
Optional.Startup.Crawler.L
188838

K7 AntiVirus
Riskware
13.176.11806

McAfee
Artemis!0273EF59176D
5600.7061

Reason Heuristics
PUP.Startup.Crawler.L
14.8.8.2

Sophos
PC Power Speed
4.98

Trend Micro House Call
Suspicious_GEN.F47V0617
7.2.203

Vba32 AntiVirus
BScope.Trojan-Dropper.Injector
3.12.26.0

XVirus List
Win32.Detected
2.4.18

File size:
372.9 KB (381,800 bytes)

Product version:
1.1.0.12

Copyright:
© Crawler.com

Original file name:
PCPowerTray.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\pcpowerspeed\pcpowertray.exe

Digital Signature
Signed by:
Crawler, LLC

Authority:
VeriSign, Inc.

Valid from:
11/27/2013 1:00:00 AM

Valid to:
1/26/2017 12:59:59 AM

Subject:
CN="Crawler, LLC", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Crawler, LLC", L=Boca Raton, S=Florida, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
48E3A7F6CBA47D0C3FCD17CF81AB3F76

File PE Metadata
Compilation timestamp:
9/20/2013 4:55:28 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:T1VVrH32fDJoHG1K1XRy1ztE8TazbKXd/PgiAzEI6gGsYidFRwBBTej:TpH3cDJkxXRQztE8T2bKXd4zmvsYkwQ

Entry address:
0x4590C

Entry point:
55, 8B, EC, 83, C4, F0, B8, 34, 44, 44, 00, E8, 94, 12, FC, FF, E8, 13, E9, FF, FF, E8, E2, ED, FB, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
273 KB (279,552 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
PCPowerSpeed

Command:
"C:\Program Files\pcpowerspeed\pcpowertray.exe" \startup


Remove PCPowerTray.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.