MalwareProtectionClient.exe

MalwareProtectionClient

Malware Protection Live

The executable MalwareProtectionClient.exe has been detected as malware by 1 anti-virus scanner. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘MalwareProtectionLive’. This file is typically installed with the program Malware Protection Live.
Publisher:
Malware Protection Live  (signed and verified)

Product:
MalwareProtectionClient

Version:
1.0.*

MD5:
d7413da19c957c230d528439711d2a8b

SHA-1:
2b6f6d86e224b7f7370cc9fb0a522f3973497b86

SHA-256:
1561df1831f1a1790bce812f823d6623c20d49583551859679864e1b6c7937ee

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/27/2024 6:19:34 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.3.6.16

File size:
1.1 MB (1,187,360 bytes)

Product version:
1.0.*

Copyright:
Copyright © 2015

Original file name:
MalwareProtectionClient.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\malwareprotectionlive\malwareprotectionclient.exe

Digital Signature
Authority:
thawte, Inc.

Valid from:
7/6/2015 1:00:00 AM

Valid to:
7/6/2017 12:59:59 AM

Subject:
CN=Malware Protection Live, O=Malware Protection Live, L=Fort Myers, S=Florida, C=US

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
0DB13F364982158C0E6000F666CC2AA4

File PE Metadata
Compilation timestamp:
11/11/2016 1:04:36 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

Entry address:
0x111D0D

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.8324

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.1 MB (1,113,600 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
MalwareProtectionLive

Command:
C:\users\{user}\appdata\local\malwareprotectionlive\malwareprotectionclient.exe


The file MalwareProtectionClient.exe has been discovered within the following program.

About 1% of users remove it
 
Powered by Should I Remove It?

Remove MalwareProtectionClient.exe - Powered by Reason Core Security