What is pricEchop?

pricEchop is software application developed by InstalleRex-WebPick. It is most commonly found on computers running Windows 7 with nearly 63.83% of installations running this operating system. pricEchop's installer is typically 691.00 KB in size and installs around 97 files. The most common release is 4.3.0.1667 with 28.72% of all installations currently using this version.

pricEchop is most popular in the United States with 18.82% of installations residing in this country.

About pricEchop?

PriceChop is a web browser plugin supported by advertising and potentially bundled with third-party download managers to facilitate the installation of potentially unwanted software offers (PPI) and through malvertising practices. Its primary function is to deliver various forms of advertisements, such as banners, text hyper-links, inline text ads, and transitionals, to the user's browser. These ads are injected by the plugin and may appear in the header or footer of a web page, replacing any legitimate ads already present. The plugin also has the ability to display a slider in the top right-hand portion of the browser when the user visits a partner site, providing offers that, when clicked, redirect the user to advertiser pages while dropping affiliate cookies on the user's computer. The plugin communicates with a remote server to report the user's browsing habits, including the URLs and domains they visit, in order to update its advertisements. It collects and stores information about the web pages visited and activity on those pages, such as impressions, clicks, and search terms, some of which may be personally identifiable. This information may be used or shared with third parties for the purpose of displaying targeted advertisements, promotional material, and marketing to the user.

Multiple virus scanners have detected malware in pricEchop.

PLi58n5.exe (MD5: f8072abd7a0dbbfb409c9536ecdec1ca) has been flagged by 11 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Gen:Variant.Adware.Graftor.146103
AhnLab-V3	2014.07.10.00	Trojan/Win32.Preloader
Baidu-International	3.5.1.41473	Adware.Win32.MultiPlug.bAG
Bitdefender	7.2	Gen:Variant.Adware.Graftor.146103
Emsisoft Anti-Malware	3.0.0.600	Gen:Variant.Adware.Graftor.146103 (B)
ESET-NOD32	10069	a variant of Win32/AdWare.MultiPlug.AG
F-Secure	11.0.19100.45	Gen:Variant.Adware.Graftor.146103
G Data	24	Gen:Variant.Adware.Graftor.146103
Malwarebytes	1.75.0.1	PUP.Optional.MultiPlug
MicroWorld-eScan	12.0.250.0	Gen:Variant.Adware.Graftor.146103
Panda Antivirus	10.0.3.5	Trj/Genetic.gen

bUegnET.exe (MD5: c3dee947a4bc4a2251ef0138c3c72bc5) has been flagged by 30 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Application.Generic.673297
Agnitum Outpost	5.5.1.3	PUA.MultiPlug!
AhnLab-V3	2014.07.14.02	Trojan/Win32.Preloader
Avira AntiVir	7.11.160.160	Adware/MultiPlug.AG
avast!	8.0.1489.320	Win32:Dropper-gen [Drp]
AVG	14.0.0.3986	Generic5.AZGM
Bitdefender	7.2	Application.Generic.673297
Comodo Security	18849	ApplicUnwnt
ESET-NOD32	10092	a variant of Win32/AdWare.MultiPlug.AG
Fortinet FortiGate	5.1.152.0	Riskware/MultiPlug
F-Secure	11.0.19100.45	Application.Generic.673297
G Data	24	Application.Generic.673297
Malwarebytes	1.75.0.1	PUP.Optional.MultiPlug
McAfee	6.0.4.564	RDN/Generic.bfr!ho
McAfee-GW-Edition	2013	RDN/Generic.bfr!ho
MicroWorld-eScan	12.0.250.0	Application.Generic.673297
Sophos	4.98.0	Generic PUA DM
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0707
VIPRE Antivirus	31266	Trojan.Win32.Generic!BT
Baidu-International	3.5.1.41473	Trojan.Win32.MultiPlug.BAG
Emsisoft Anti-Malware	3.0.0.600	Gen:Variant.Adware.Graftor.146103 (B)
IKARUS anti.virus	T3.1.6.1.0	PUA.Generic
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Tencent	1.0.0.1	Win32.Risk.Adware.Wrgf
AVware	1.5.0.16	Trojan.Win32.Generic!BT
Symantec	20131.1.5.61	Trojan.Gen
Kaspersky	12.0.0.1225	not-a-virus:AdWare.Win32.MultiPlug.ccbm
NANO AntiVirus	0.28.2.61349	Riskware.Win32.MultiPlug.ddnbyk
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Generic.a.(kcloud)
Antiy-AVL	1.0.0.1	Trojan/Win32.SGeneric

MOj4.exe (MD5: be5c16f6998f6d7473150524c8338c62) has been flagged by 22 scanners:

Scanner Software	Version	Result
Agnitum Outpost	5.5.1.3	PUA.MultiPlug!
AhnLab-V3	2014.07.28.00	Trojan/Win32.Preloader
Avira AntiVir	7.11.164.60	Adware/MultiPlug.AG.74
Antiy-AVL	1.0.0.1	Trojan/Win32.SGeneric
avast!	8.0.1489.320	Win32:Adware-gen [Adw]
AVG	14.0.0.3986	Generic5.AZVT
Baidu-International	3.5.1.41473	Adware.Win32.MultiPlug.81
Comodo Security	18997	ApplicUnwnt
ESET-NOD32	10163	a variant of Win32/AdWare.MultiPlug.AG
Malwarebytes	1.75.0.1	PUP.Optional.MultiPlug
McAfee	6.0.4.564	Artemis!BE5C16F6998F
McAfee-GW-Edition	2013	Artemis!BE5C16F6998F
Symantec	20131.1.5.61	WS.Reputation.1
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0712
VIPRE Antivirus	31682	Trojan.Win32.Generic!BT
Lavasoft Ad-Aware	12.0.163.0	Gen:Variant.Graftor.150563
Bitdefender	7.2	Gen:Variant.Graftor.150563
Emsisoft Anti-Malware	3.0.0.600	Gen:Variant.Graftor.150563 (B)
F-Secure	11.0.19100.45	Gen:Variant.Graftor.150563
G Data	24	Gen:Variant.Graftor.150563
MicroWorld-eScan	12.0.250.0	Gen:Variant.Graftor.150563
Panda Antivirus	10.0.3.5	Trj/Genetic.gen

iZ4Vldh8NU.exe (MD5: 3adc690806b46d83d2badb63ef351a9c) has been flagged by 42 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Gen:Variant.Adware.Graftor.150430
Agnitum Outpost	5.5.1.3	Riskware.ChromePatcher!
AhnLab-V3	2014.09.29.00	Trojan/Win32.Preloader
Antiy-AVL	1.0.0.1	Trojan/Win32.SGeneric
avast!	8.0.1489.320	Win32:Malware-gen
AVG	14.0.0.4025	Generic5.BFGV
Avira	7.11.174.252	Adware/Graftor.150430.29
AVware	1.5.0.16	Trojan.Win32.Generic!BT
Baidu-International	3.5.1.41473	Hacktool.Win32.ChromePatcher.aV
Bitdefender	7.2	Gen:Variant.Adware.Graftor.150430
Bkav FE	1.3.0.4959	W32.DusfureLTG.Adware
CAT-QuickHeal	14.00	RiskTool.ChromePatcher.r5 (Not a Virus)
Comodo Security	19644	ApplicUnwnt
Emsisoft Anti-Malware	3.0.0.600	Gen:Variant.Adware.Graftor.150430 (B)
ESET-NOD32	10477	a variant of Win32/AdWare.MultiPlug.BN
Fortinet FortiGate	5.1.152.0	Riskware/MultiPlug
F-Secure	11.0.19100.45	Gen:Variant.Adware.Graftor.150430
G Data	24	Gen:Variant.Adware.Graftor.150430
IKARUS anti.virus	T3.1.7.8.0	Win32.SuspectCrc
K7 AntiVirus	9.183.13504	Adware ( 004a07251 )
K7GW	9.183.13504	Trojan ( 050000001 )
Kaspersky	12.0.0.1225	not-a-virus:RiskTool.Win32.ChromePatcher.er
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Generic.a.(kcloud)
Malwarebytes	1.75.0.1	PUP.Optional.MultiPlug
McAfee	6.0.4.564	RDN/Generic PUP.x!clm
McAfee-GW-Edition	v2014.2	BehavesLike.Win32.Expiro.hh
MicroWorld-eScan	12.0.250.0	Gen:Variant.Adware.Graftor.150430
NANO AntiVirus	0.28.2.62286	Riskware.Win32.Graftor.ddudlz
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Rising Antivirus	25.0.0.11	PE:Trojan.Win32.Generic.17258346!388334406
Sophos	4.98.0	Generic PUA GA
Symantec	20141.1.0.330	Trojan.Gen
Trend Micro	9.740.0.1012	TROJ_GEN.R0CBC0EHM14
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.R0CBC0EHM14
Vba32 AntiVirus	3.12.26.3	AdWare.Agent
VIPRE Antivirus	33490	Trojan.Win32.Generic!BT
Zillya	2.0.0.1936	Backdoor.PePatch.Win32.40558
Qihoo-360	1.0.0.1015	Win32/Virus.RiskTool.ae6
Avira AntiVir	7.11.166.104	Adware/Graftor.146103.10
Tencent	1.0.0.1	Win32.Risk.Adware.Alsn
ViRobot	2011.4.7.4223	Adware.Graftor.578048
Norman	7.04.04	Suspicious_Gen4.GWCSL

uofoh8.exe (MD5: 3341cab47ee090715a8347df8186a28a) has been flagged by 12 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Gen:Variant.Graftor.150430
AhnLab-V3	2014.08.14.00	Trojan/Win32.Preloader
avast!	8.0.1489.320	Win32:Malware-gen
Bitdefender	7.2	Gen:Variant.Graftor.150430
Emsisoft Anti-Malware	3.0.0.600	Gen:Variant.Graftor.150430 (B)
F-Secure	11.0.19100.45	Gen:Variant.Graftor.150430
G Data	24	Gen:Variant.Graftor.150430
Malwarebytes	1.75.0.1	PUP.Optional.MultiPlug
MicroWorld-eScan	12.0.250.0	Gen:Variant.Graftor.150430
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Baidu-International	3.5.1.41473	Adware.Win32.MultiPlug.bAG
ESET-NOD32	10097	a variant of Win32/AdWare.MultiPlug.AG

Software Details

URL:

https://price-chop.info

Support:

–

Installation path:

C:\ProgramData\pricechop

Uninstaller:

"C:\ProgramData\pricEchop\2SgdvQ6tHh.exe" /s /n /C:"ExecuteCommands;UninstallCommands" ""

Size:

691.00 KB

Language:

English

pricEchop Executable Details

Primary executable:

2SgdvQ6tHh.exe

Name:

pricEchop

Path:

C:\ProgramData\pricechop\2SgdvQ6tHh.exe

MD5:

1b63b4e4fe4be0d8607d362c3d2f2677

SHA-1:

–

SHA-256:

–

File Type

Filename

MD5

EXE

NaUW.exe

Malware

afda36c31a4224fc0e1869f8feac4ed4

EXE

594.exe

Malware

5b288612fe43837c7a6b439eaed297d8

EXE

XPEc76yC.exe

Malware

26d64e2da87c1b05beb9ae368d4100f8

EXE

9Otk.exe

Malware

89950b026fe90cdd121906866b15788f

EXE

3P0.exe

0d8165b5a716b172aeafc27fea577bc8

EXE

nie90xzSpGl.exe

e892d85ebe8e66b1088d18a21c3da282

EXE

uu4ENDPl2.exe

d068c3b02dc61fff62c60942f5f80c6e

EXE

heCF.exe

Malware

d068c3b02dc61fff62c60942f5f80c6e

EXE

PoMwBLmG.exe

b77836968f62d148ce6ca2d796e55e20

EXE

KlLljU5I91m.exe

1b63b4e4fe4be0d8607d362c3d2f2677

File Type	Filename	MD5
EXE	NaUW.exe Malware	afda36c31a4224fc0e1869f8feac4ed4
EXE	594.exe Malware	5b288612fe43837c7a6b439eaed297d8
EXE	XPEc76yC.exe Malware	26d64e2da87c1b05beb9ae368d4100f8
EXE	9Otk.exe Malware	89950b026fe90cdd121906866b15788f
EXE	3P0.exe	0d8165b5a716b172aeafc27fea577bc8
EXE	nie90xzSpGl.exe	e892d85ebe8e66b1088d18a21c3da282
EXE	uu4ENDPl2.exe	d068c3b02dc61fff62c60942f5f80c6e
EXE	heCF.exe Malware	d068c3b02dc61fff62c60942f5f80c6e
EXE	PoMwBLmG.exe	b77836968f62d148ce6ca2d796e55e20
EXE	KlLljU5I91m.exe	1b63b4e4fe4be0d8607d362c3d2f2677

pricEchop

What is pricEchop?

About pricEchop?

Multiple virus scanners have detected malware in pricEchop.

Software Details

pricEchop Executable Details