MalwareProtectionClient.exe

MalwareProtectionClient

Malware Protection Live

The executable MalwareProtectionClient.exe has been detected as malware by 1 anti-virus scanner. It runs as a scheduled task under the Windows Task Scheduler named MPLClient triggered to execute each time a user logs in. This file is typically installed with the program Malware Protection Live.
Publisher:
Malware Protection Live  (signed and verified)

Product:
MalwareProtectionClient

Version:
1.0.*

MD5:
7b1fbcd900be25c9280ef1bc5e30ed31

SHA-1:
253b10002a13e6d8e3998e15dd6a1b818d17cefa

SHA-256:
b04ea681279e39347b14ffbbc4aac439940f8a9a29bccc04249865d785b7b46d

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/27/2024 11:14:22 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.1.5.0

File size:
1.5 MB (1,599,008 bytes)

Product version:
1.0.*

Copyright:
Copyright © 2015

Original file name:
MalwareProtectionClient.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\malwareprotectionlive\malwareprotectionclient.exe

Digital Signature
Authority:
thawte, Inc.

Valid from:
7/5/2015 9:00:00 PM

Valid to:
7/5/2017 8:59:59 PM

Subject:
CN=Malware Protection Live, O=Malware Protection Live, L=Fort Myers, S=Florida, C=US

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
0DB13F364982158C0E6000F666CC2AA4

File PE Metadata
Compilation timestamp:
1/4/2017 3:32:26 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

Entry address:
0x1764C2

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.5 MB (1,525,248 bytes)

Scheduled Task
Task name:
MPLClient

Trigger:
Logon (Runs on logon)

Description:
Malware Protection Live Client


The file MalwareProtectionClient.exe has been discovered within the following program.

About 1% of users remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to ec2-35-164-113-176.us-west-2.compute.amazonaws.com  (35.164.113.176:80)

TCP (HTTP):
Connects to ec2-35-164-134-69.us-west-2.compute.amazonaws.com  (35.164.134.69:80)

TCP (HTTP):
Connects to ec2-35-163-9-66.us-west-2.compute.amazonaws.com  (35.163.9.66:80)

TCP (HTTP):
Connects to ec2-54-69-82-117.us-west-2.compute.amazonaws.com  (54.69.82.117:80)

TCP (HTTP):

TCP (HTTP):

Remove MalwareProtectionClient.exe - Powered by Reason Core Security