pcthhook64.exe

PCTechHotline

Crawler, LLC

The application pcthhook64.exe, “PCTechHotline Hook Application” by Crawler has been detected as a potentially unwanted program by 12 anti-malware scanners. This file is typically installed with the program PC Tech Hotline by Crawler, LLC which is a potentially unwanted software program.
Remove pcthhook64.exe - Powered by Reason Core Security
Publisher:
Crawler, LLC  (signed and verified)

Product:
PCTechHotline

Description:
PCTechHotline Hook Application

Version:
3.0.0.1

MD5:
26e63755df5ff42f8c0cbbdeb83b7875

SHA-1:
7dc62ada8958625b1894c7ff64284c74c7be192f

SHA-256:
a4cd4c8073489ffb9f41b2fbe760555da677e1f9f977918436aa362f2eeb00c3

Scanner detections:
12 / 68

Status:
Potentially unwanted

Analysis date:
12/10/2016 1:45:40 PM UTC  (today)

Scan engine
Detection
Engine version

Antiy Labs AVL
RiskWare[WebToolbar:not-a-virus]/Win32.CrawBar
1.0.0.1

Baidu Antivirus
Adware.Win32.Crawler
4.0.3.141215

Fortinet FortiGate
Riskware/CrawBar
12/15/2014

IKARUS anti.virus
not-a-virus:WebToolbar.CrawBar
t3scan.1.8.5.0

K7 AntiVirus
Riskware
13.186.14280

K7 Gateway Antivirus
Riskware
13.186.14270

Kaspersky
not-a-virus:WebToolbar.Win32.CrawBar
14.0.0.2795

McAfee
Artemis!66B034DA73C0
5600.6916

McAfee Web Gateway
Artemis
7.6916

Panda Antivirus
Generic Suspicious
14.12.15.12

Reason Heuristics
PUP.Crawler.K
14.8.8.2

Trend Micro House Call
Suspicious_GEN.F47V1113
7.2.349

Remove pcthhook64.exe - Powered by Reason Core Security
File size:
72.4 KB (74,088 bytes)

Product version:
3.0.0.0

Copyright:
© Crawler, LLC

Original file name:
PCTHHook.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\pctechhotline\pcthhook64.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
11/26/2013 4:00:00 PM

Valid to:
1/25/2017 3:59:59 PM

Subject:
CN="Crawler, LLC", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Crawler, LLC", L=Boca Raton, S=Florida, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
48E3A7F6CBA47D0C3FCD17CF81AB3F76

File PE Metadata
Compilation timestamp:
2/4/2014 4:44:12 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1536:W5TfuxQ0n0b88B883RZGjr8tCsWSHVd+D4nF:W5T2xQ0n0I8B8mRAq3+0F

Entry address:
0x1598

Entry point:
48, 83, EC, 28, E8, 9B, 14, 00, 00, 48, 83, C4, 28, E9, 36, FE, FF, FF, CC, CC, 40, 53, 48, 83, EC, 20, 48, 8B, D9, FF, 15, F5, 7A, 00, 00, B9, 01, 00, 00, 00, 89, 05, 9A, 02, 01, 00, E8, E1, 1D, 00, 00, 48, 8B, CB, E8, 81, 1B, 00, 00, 83, 3D, 86, 02, 01, 00, 00, 75, 0A, B9, 01, 00, 00, 00, E8, C6, 1D, 00, 00, B9, 09, 04, 00, C0, 48, 83, C4, 20, 5B, E9, 3F, 1B, 00, 00, CC, CC, CC, 48, 89, 4C, 24, 08, 48, 83, EC, 38, B9, 17, 00, 00, 00, E8, FD, 69, 00, 00, 85, C0, 74, 07, B9, 02, 00, 00, 00, CD, 29, 48, 8D...
 
[+]

Entropy:
5.4150

Code size:
29 KB (29,696 bytes)

The file pcthhook64.exe has been discovered within the following program.

PC Tech Hotline  by Crawler, LLC
Publisher's description - “You may order the Service by submitting a service plan order through the PC Tech Hotline website or by calling PC Tech Hotline.”
www.PCTechHotline.com
74% remove it
 
Powered by Should I Remove It?

Remove pcthhook64.exe - Powered by Reason Core Security