Should I block it?

98%

Yes, 98% block recommendation.

Possible reasons:

Multiple malware detections

Performance resource utilization

Relationships

Parent process

svchost.exe (Host Process for Windows Services by Microsoft Corporation)

Related files

PE file structure

Show functions

Import table

advapi32.dll

RegEnumKeyA, RegEnumValueA, RegQueryValueExA, RegNotifyChangeKeyValue, RegEnumKeyExA, RegQueryInfoKeyA, RegSetValueExA, RegOpenKeyExA, RegCreateKeyExA, RegCloseKey, RegDeleteValueA, RegDeleteKeyA, RegOpenKeyA

gdi32.dll

GetTextExtentPoint32A, CreatePolygonRgn, CreateRoundRectRgn, CombineRgn, CreateSolidBrush, CreateRectRgn, FillRgn, FrameRgn, SetTextColor, SetBkColor, DeleteDC, SelectObject, TextOutA, DeleteObject, ExtCreateRegion, CreateDIBSection, TextOutW, GetTextExtentPoint32W, GetStockObject, GetDeviceCaps, StretchBlt, CreateBitmap, SetStretchBltMode, BitBlt, CreateCompatibleDC, LineTo, MoveToEx, CreatePen, SetBkMode, CreateCompatibleBitmap, CreateFontIndirectA, GetObjectA

kernel32.dll

WinExec, FlushInstructionCache, GetCurrentProcess, HeapAlloc, lstrcmpA, ReleaseMutex, CreateMutexA, GetCurrentProcessId, CompareFileTime, GetFileTime, OpenFile, ResetEvent, FileTimeToSystemTime, GetFileSize, CreateFileA, MoveFileA, DeleteFileA, GetProcAddress, LoadLibraryA, GetSystemTime, FindClose, FindNextFileA, FindFirstFileA, UnmapViewOfFile, ReleaseSemaphore, GetCurrentThread, CreateSemaphoreA, SetUnhandledExceptionFilter, VirtualQuery, IsBadWritePtr, OutputDebugStringA, WriteFile, SetFilePointer, SetFileTime, GetExitCodeThread, ResumeThread, SetThreadPriority, TerminateThread, GlobalReAlloc, GlobalUnlock, GlobalLock, GlobalAlloc, MulDiv, ReadFile, GetTickCount, CreateDirectoryA, RemoveDirectoryA, GetTempFileNameA, GetSystemDefaultLangID, GetLocalTime, SetEndOfFile, FlushFileBuffers, SetStdHandle, IsBadCodePtr, IsBadReadPtr, QueryPerformanceCounter, GetStringTypeW, GetStringTypeA, GetFileType, SetHandleCount, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, UnhandledExceptionFilter, GetStdHandle, LCMapStringW, LCMapStringA, GetCPInfo, GetOEMCP, HeapSize, TlsGetValue, TlsSetValue, TlsFree, SetLastError, TlsAlloc, TerminateProcess, VirtualFree, HeapCreate, HeapDestroy, ExitProcess, GetFileAttributesA, GetSystemTimeAsFileTime, GetStartupInfoA, HeapReAlloc, RtlUnwind, GetSystemInfo, VirtualAlloc, VirtualProtect, LocalFree, LeaveCriticalSection, EnterCriticalSection, GetCommandLineA, GetCurrentThreadId, Sleep, CreateThread, CreateEventA, WaitForMultipleObjects, WaitForSingleObject, CloseHandle, GetModuleHandleA, LoadLibraryExA, FindResourceA, LoadResource, SizeofResource, FreeLibrary, IsDBCSLeadByte, lstrcatA, GetModuleFileNameA, lstrcpyA, lstrcpynA, InterlockedIncrement, FormatMessageA, LocalAlloc, SetEvent, lstrcmpiA, lstrlenA, GetProcessHeap, HeapFree, InterlockedDecrement, GetLastError, DeleteCriticalSection, InitializeCriticalSection, RaiseException, lstrlenW, WideCharToMultiByte, MultiByteToWideChar, GetVersionExA, GetThreadLocale, GetLocaleInfoA, GetACP, InterlockedExchange, CreateProcessA

ole32.dll

CoTaskMemAlloc, CoTaskMemFree, CoTaskMemRealloc, CoRegisterClassObject, StringFromGUID2, CoUninitialize, CoInitialize, CoCreateGuid, OleDraw, StringFromCLSID, CoRevokeClassObject, CoCreateInstance, OleRun

shlwapi.dll

StrRChrA, StrToIntA, PathFindExtensionA

user32.dll

CreatePopupMenu, CharNextA, UnregisterClassA, wsprintfA, DefWindowProcA, SetWindowLongA, GetWindowLongA, CallWindowProcA, PostThreadMessageA, DispatchMessageA, GetMessageA, LoadImageA, LoadStringA, ReleaseCapture, CopyRect, SetCapture, InvalidateRgn, SetFocus, GetFocus, GetCapture, PeekMessageA, TranslateMessage, EnumWindows, SetRect, GetSystemMetrics, IsWindow, EnumChildWindows, GetClassNameA, SendMessageA, GetDesktopWindow, GetWindowRect, TrackPopupMenuEx, InsertMenuItemA, IsMenu, RemoveMenu, DestroyMenu, FillRect, KillTimer, SetTimer, GetCursorPos, WindowFromPoint, ClientToScreen, GetDC, ReleaseDC, SetWindowPos, GetWindowRgn, SetWindowRgn, GetSysColor, ShowWindow, EndPaint, BeginPaint, GetClientRect, CreateWindowExA, RegisterClassExA, DestroyWindow, LoadCursorA, GetClassInfoExA, PostMessageA

version.dll

GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA

hbtsrv.exe

Hotbar by Hotbar.com

Remove hbtsrv.exe

Version:	4.8.0.3010
MD5:	a509321d673f96dd0f9a9caf795fc7b2
SHA1:	cc11455af81b8e21117dde5ee9444a8c92fd081a
SHA256:	8d07c55beead7b1ad5c031c15fcf23dbcf9f2d5dc1062e9de46b818519271431

Warning 37 antivirus scanners has detected malware.

What is hbtsrv.exe?

Hotbar adds graphical skins to Internet Explorer, Microsoft Outlook, and Outlook Express toolbars and also adds its own toolbar and search button. These custom toolbars have keyword-targeted advertisements built into them.

About hbtsrv.exe (from Hotbar.com)

“For this popular advertising format, we don't put ads in front of consumers. We put consumers in front of our advertiser’s website. Here's how it works. An advertiser purchases keyword search terms. T”

Details

File name:	hbtsrv.exe
Publisher:	Hotbar.com Inc.
Product name:	Hotbar
Typical file path:	C:\Program Files\hbtools\bin\4.8.0.0\hbtsrv.exe
File version:	4.8.0.3010
Size:	468 KB (479,232 bytes)
Digital DNA
PE subsystem:	Windows GUI
File packed:	No
.NET CLR:	No

More details

Network connections

[TCP] 66.150.14.107:80

Malware detections

Based on 40+ industry antivirus scanners, 37 of them detected the following malware.

Antivirus engine	Engine version	Detection
AhnLab V3 Internet Security	2011.07.15.01	Win-Trojan/Hotbar.479232.B
Avira AntiVir	7.11.11.164	ADSPY/Hotbar.BT.1
Antiy Labs AVL	2.0.3.7	AdWare/Win32.HotBar.gen
Avast5	5.0.677.0	Win32:Adware-LA [PUP]
AVG	2014.0.3629	Generic.PRS
BitDefender	7.2	Adware.Hotbar.BR
CAT Quick Heal	4.13.11.00	AdWare.Hotbar (Not a Virus)
Clam AntiVirus	0.97.0.0	Adware.Hotbar-2
Commtouch	5.3.2.6	W32/Adware.FIV
Comodo Internet Security	9392	UnclassifiedMalware
Dr.Web	5.0.2.03300	Adware.Hotbar
Emsisoft Anti-Malware	5.1.0.8	Riskware.AdWare.Win32.HotBar.bt!IK
eSafe	7.0.17.0	Win32.ADSPYHotbar.Bt
eTrust-Vet	36.1.8445	Win32/SpamBlockerUtility_G
F-Prot	v6.4.6.2.117	W32/Adware.FIV
F-Secure	9.0.16440.0	Adware.Hotbar.BR
G Data	13.4.22	Adware.Hotbar.BR
Ikarus	T3.1.1.104.0	not-a-virus:AdWare.Win32.HotBar.bt
K7 AntiVirus	9.108.4907	Adware
Kaspersky	9.0.0.837	not-a-virus:AdWare.Win32.HotBar.bt
McAfee	5.400.1158	Adware-HotBar
McAfee Gateway Anti-Malware	v2010.1D-dat	Artemis!A509321D673F
Microsoft Security Essentials	1.7000.0	Adware:Win32/Hotbar
NOD32	6296	probably a variant of Win32/Adware.HotBar
Norman	6.07.10	W32/HotBar.FH
nProtect	2011-07-15.01	Trojan/W32.Agent.479232.CN
PC Tools	8.0.0.5	Adware.HotBar
Rising Antivirus	23.66.04.03	Adware.Win32.HotBar.bt
Sophos	4.67.0	Hotbar
Symantec	20111.1.0.186	Adware.Hotbar
The Hacker	6.7.0.1.255	Adware/HotBar.bt
Trend Micro	9.200.0.1012	ADW_HOTBAR.BJ
Trend Micro HouseCall	9.200.0.1012	ADW_HOTBAR.BJ
Vba32 AntiVirus	3.12.16.4	AdWare.HotBar.bt
VIPRE Antivirus	9863	Hotbar
ViRobot	2011.7.15.4571	Adware.HotBar.479232.A
VirusBuster	14.0.125.0	Adware.HotBar!Mwn4IVj31c8

Resource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)

Averages

CPU
Total CPU:	0.03681950%	0.028634%
Kernel CPU:	0.03032194%	0.013761%
User CPU:	0.00649756%	0.014873%
Kernel CPU time:	140 ms/min	100,923,805ms/min
Memory
Private memory:	3.69 MB	21.59 MB
Private (maximum):	9.53 MB
Private (minimum):	9.47 MB
Non-paged memory:	3.69 MB	21.59 MB
Virtual memory:	67.06 MB	140.96 MB
Virtual memory (peak):	78.08 MB	169.69 MB
Working set:	9.53 MB	18.61 MB
Working set (peak):	11.34 MB	37.95 MB
Resource allocations
Threads:	7	12
Handles:	255	600
GUI GDI count:	10	103
GUI GDI peak:	11	142
GUI USER count:	8	49
GUI USER peak:	15	71

Process properties

Integrety level:	Medium
Platform:	32-bit
Command line:	"C:\Program Files\hbtools\bin\4.8.0.0\hbtsrv.exe" -embedding
Owner:	User
Parent process:	svchost.exe (Host Process for Windows Services by Microsoft Corporation)

Distribution by Windows OS

OS version	distribution
Windows 7 Ultimate N	100.00%

Remove Adware and Spyware Programs, FREE Download!