Should I block it?
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization
playvolcanosacb.exe
By Pinball
Version: | 1.0.10.0 |
MD5: | 9af6567b7dd0730eef248728e4e3b581 |
SHA1: | 6d8b97954ff269c0586b76a4b952f96ed95c3f10 |
SHA256: | 0082f192e98e7620490f93f56d3b95cb9d055243c78eb6222b07c1df18deb655 |
Warning: 14 antivirus scanners have detected malware.
Overview
playvolcanosacb.exe is malware that executes as a process with the local user's privileges. It is typically installed with the program PlayVolcano, published by Pinball Corporation, and most users are likely to remove it once installed (53% removed).
Details
File name: | playvolcanosacb.exe |
Publisher: | Pinball Corporation. |
Typical file path: | C:\users\user\appdata\local\playvolcanosa\bin\1.0.10.0\playvolcanosacb.exe |
File version: | 1.0.10.0 |
Size: | 268.5 KB (274,944 bytes) |
Digital DNA |
File packed: | No |
.NET CLR: | No |
Programs
The following program will install this file
PlayVolcano is an ad-supported (users may see additional banner and in-text link advertisements) web browser plugin distributed through various monetization platforms during installation. The browser extension includes various features that will modify the default or custom settings of the browser including the home page and search settings.
Network connections
[UDP] listens on port 63844
[UDP] listens on port 50945
Malware detections
Of 40+ industry antivirus scanners, 14 detected the following malware.
Antivirus engine | Engine version | Detection |
Avira AntiVir | 7.11.44.202 | Adware/Agent.274944.1 |
avast! | 6.0.1289.0 | Win32:HotBar-CB [Adw] |
AVG | 2014.0.3629 | Generic5.GLN |
BitDefender | 7.2 | Gen:Adware.Heur.qu0@R0KxSBfi |
Comodo Internet Security | 13717 | UnclassifiedMalware |
Emsisoft Anti-Malware | 5.1.0.11 | Riskware.AdWare.Win32.Shopper!IK |
F-Secure | 9.0.16440.0 | Gen:Adware.Heur.qu0@R0KxSBfi |
G Data | 13.4.22 | Gen:Adware.Heur.qu0@R0KxSBfi |
Ikarus | T3.1.1.122.0 | not-a-virus:AdWare.Win32.Shopper |
K7 AntiVirus | 9.153.7676 | Riskware |
Kingsoft | 2012.9.4.139 | Win32.Troj.Generic.a.(kcloud) |
SUPERAntiSpyware | 5.50.0.1016 | Adware.Agent/Gen-Pinball |
Symantec | 20121.2.1.2 | WS.Reputation.1 |
VIPRE Antivirus | 13322 | Trojan.Win32.Generic!BT |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU |
Total CPU: | 0.08837935% | |
Kernel CPU: | 0.05774897% | |
User CPU: | 0.03063038% | |
Kernel CPU time: | 813 ms/min | |
Context switches: | 6/sec | |
Memory |
Private memory: | 19.09 MB | |
Private (maximum): | 9.38 MB | |
Private (minimum): | 8.99 MB | |
Non-paged memory: | 19.09 MB | |
Virtual memory: | 179.75 MB | |
Virtual memory (peak): | 201.39 MB | |
Working set: | 8.49 MB | |
Working set (peak): | 46.16 MB | |
Resource allocations |
Threads: | 16 | |
Handles: | 505 | |
GUI GDI count: | 165 | |
GUI GDI peak: | 189 | |
GUI USER count: | 63 | |
GUI USER peak: | 106 | |
Process properties
Integrity level: | Low |
Platform: | 64-bit |
Command lines: |
- "C:\users\user\appdata\local\playvolcanosa\bin\1.0.10.0\playvolcanosacb.exe" /adparams=7ee2988822a220dd3682b317e6515fc42d258212e66a49bc3a286a3ddb2feaa4f96b242264ec911dc111b564c7491b684c136fb94c69f151c178a4635b67e6a6bec4d72c2c52a03332fcbd2780200089e95e4d81a2a5fc1c7f8e137682a66775847b974d562bb33f06ff3292c28ab6cdd710e64a2f967721c1a52ad9cc2c95b4c1ae5320d3e0b1e8d25e87f9fbcf6e52eca9461498301e96dea00015da521230368caff602eadf0f874dbdbd63f002c0172b1a91b39d2ab63ccb281b0a827b8c76bf0c88ed53e70b53656a5e0cfcc
- "C:\users\user\appdata\local\playvolcanosa\bin\1.0.10.0\playvolcanosacb.exe" /adparams=7ee2988822a220dd3682b317e6514cdc747c8111ff6e59a771346a679d26e3e499713a2a69e2a20e9b4cee388c55067c591525e05263e057c76dfa725063f48ae195da302674a32926a68d0d8e363ebae30325e0daaffd3a4484076682e0496d9745b2416c3ebf5d6aa072f19bd7b7e4d626cd473ddf7c20c4cc15dcf727a3b6c0bc547e9ea3bccfed5bbceed8d36556ebf70241cd00429cdf950521d650406272cea5b76ab9830eaa5da8a67fe114fa1b211acbd9c97fde6d9f27745ad311ce20fe46b5e369eb0e502a667511e88
Owner: | User |
Threads
Averages
PlayVolcanoSACB.exe (main module) |
Total CPU: | 0.01422184% | |
Kernel CPU: | 0.01028059% | |
User CPU: | 0.00394125% | |
CPU cycles: | 526,086/sec | |
Context switches: | 3/sec | |
Memory: | 288 KB | |
wow64.dll |
Total CPU: | 0.00296072% | |
Kernel CPU: | 0.00140214% | |
User CPU: | 0.00155858% | |
CPU cycles: | 30,984/sec | |
Memory: | 252 KB | |
Distribution by Windows OS
OS version | distribution |
Windows 7 Ultimate | 100.00% |
Distribution by country
About 100.00% of playvolcanosacb.exe installs are in the United States.