home

PCTAV.exe

PC Tools AntiVirus Client

PC Tools

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘PCTAVApp’.
Publisher:
PC Tools Research Pty Ltd  (signed by PC Tools)

Product:
PC Tools AntiVirus Client

Version:
4, 0, 0, 25

MD5:
9d190e8e10371fbc8da888f7fdc9927d

SHA-1:
16ad072288015e1b9a7565c1b4598aa3a21bef8c

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/25/2024 7:09:54 PM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/Patched.Y.gen
4.6.5.141

File size:
1.2 MB (1,238,928 bytes)

Product version:
4, 0, 0, 25

Copyright:
Copyright PC Tools Research Pty Ltd 2006

Original file name:
PCTAV.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\pc tools antivirus\pctav.exe

Digital Signature
Signed by:
PC Tools

Authority:
VeriSign, Inc.

Valid from:
8/17/2006 7:00:00 AM

Valid to:
8/17/2009 6:59:59 AM

Subject:
CN=PC Tools, OU=Software, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=PC Tools, L=Melbourne, S=Victoria, C=AU

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0DBD834441EB5DA04C0C3A88C3BD42FC

File PE Metadata
Compilation timestamp:
2/15/2008 11:13:50 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
83.82

Entry address:
0x17A022

Entry point:
C3, C3, C3, C3, C3, C3, C3, C3, FF, FF, 6A, 0C, 68, 88, 80, 5A, 00, E8, 44, 15, 00, 00, 8B, 4D, 08, 33, FF, 3B, CF, 76, 2E, 6A, E0, 58, 33, D2, F7, F1, 3B, 45, 0C, 1B, C0, 40, 75, 1F, E8, 36, 13, 00, 00, C7, 00, 0C, 00, 00, 00, 57, 57, 57, 57, 57, E8, C7, 12, 00, 00, 83, C4, 14, 33, C0, E9, D5, 00, 00, 00, 0F, AF, 4D, 0C, 8B, F1, 89, 75, 08, 3B, F7, 75, 03, 33, F6, 46, 33, DB, 89, 5D, E4, 83, FE, E0, 77, 69, 83, 3D, 20, B1, 5A, 00, 03, 75, 4B, 83, C6, 0F, 83, E6, F0, 89, 75, 0C, 8B, 45, 08, 3B, 05, 10, B1...
 
[+]

Code size:
316 KB (323,584 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
PCTAVApp

Command:
"C:\Program Files\pc tools antivirus\pctav.exe" \monitorscan


Scan PCTAV.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.