home

pctutobho.dll

PCTUTOBHO

Agence Exclusive

This is part of the Eorezo downloader which may bundle additional offers on the PC, mostly adware and other potentially unwanted software. The module pctutobho.dll by Agence Exclusive has been detected as a potentially unwanted program by 19 anti-malware scanners.
Publisher:
PCTUTO  (signed by Agence Exclusive)

Product:
PCTUTOBHO

Description:
...

Version:
1.0.0.0

MD5:
8f5ade2bbaf0ec1cf8658807f0d4f6f4

SHA-1:
a4f6c42da54b5dbb2a6b50a4e1a1b18634df4f02

SHA-256:
7911421c4cea9f7abd1404defa44d01aed6c9f4e7e33d617f97dd34f9e4b1282

Scanner detections:
19 / 68

Status:
Potentially unwanted

Analysis date:
4/24/2024 10:27:07 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Generic.579443
1042

Avira AntiVirus
ADWARE/EoRezo.P.2
8.3.1.6

AVG
MalSign.Adware
2015.0.3520

Baidu Antivirus
Adware.Win32.EoRezo
4.0.3.14330

Bitdefender
Application.Generic.579443
1.0.20.445

Clam AntiVirus
Adware.Agent-5200
0.98/18155

Emsisoft Anti-Malware
Adware.EoRezo.P
8.15.08.12.03

ESET NOD32
Win32/Adware.EoRezo.AE (variant)
8.9271

F-Secure
Application.Generic.579443
11.2014-30-03_1

G Data
Application.Generic.579443
14.3.22

IKARUS anti.virus
Win32.SuspectCrc
t3scan.2.2.29

K7 AntiVirus
Unwanted-Program
13.175.10794

Malwarebytes
Adware.Eorezo
v2014.03.30.05

McAfee
Artemis!8F5ADE2BBAF0
5600.7176

MicroWorld eScan
Application.Generic.579443
15.0.0.267

Reason Heuristics
PUP.AgenceExclusive.J
14.7.27.14

Sophos
EoRezo Adware
4.96

Trend Micro House Call
TROJ_GEN.R0CBH05JJ13
7.2.89

VIPRE Antivirus
Trojan.Win32.Generic
25262

File size:
223.6 KB (228,992 bytes)

Product version:
1.0.0.0

Copyright:
(c) PCTUTO SAS. All rights reserved.

Original file name:
AgenceBHO.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\pctuto\pctutobho.dll

Digital Signature
Signed by:
Agence Exclusive

Authority:
VeriSign, Inc.

Valid from:
1/19/2011 1:00:00 AM

Valid to:
1/23/2012 12:59:59 AM

Subject:
CN=Agence Exclusive, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Agence Exclusive, L=Paris, S=Ile de France, C=FR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
612CB1F3C82CC0C69A0C351146C131A3

File PE Metadata
Compilation timestamp:
8/4/2010 5:59:53 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:ueJ/xAz78LtoQALWOxXuiOchc9H8l3rPIC+5b1Zwr73c3Lsbet589kFiq:az78LtxAJhFb3Cb1Ibq8sP

Entry address:
0x12BFA

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, 00, 5B, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, EC, 63, 02, 10, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 85, C0, 5F, 89, 45, FC, 5E, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 38, 42, 02, 10, C9, C2, 08, 00, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28...
 
[+]

Code size:
140 KB (143,360 bytes)

Remove pctutobho.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.