MalwareProtectionClient.exe

MalwareProtectionClient

Malware Protection Live

The executable MalwareProtectionClient.exe has been detected as malware by 1 anti-virus scanner. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘MalwareProtectionLive’. This file is typically installed with the program Malware Protection Live.
Publisher:
Malware Protection Live  (signed and verified)

Product:
MalwareProtectionClient

Version:
1.0.*

MD5:
d7413da19c957c230d528439711d2a8b

SHA-1:
7bb85ad9deedd66dd00deacea2e8571bf540500c

SHA-256:
1561df1831f1a1790bce812f823d6623c20d49583551859679864e1b6c7937ee

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/15/2024 10:36:11 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.3.5.15

File size:
1.1 MB (1,187,360 bytes)

Product version:
1.0.*

Copyright:
Copyright © 2015

Original file name:
MalwareProtectionClient.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\malwareprotectionlive\malwareprotectionclient.exe

Digital Signature
Authority:
thawte, Inc.

Valid from:
7/6/2015 7:00:00 AM

Valid to:
7/6/2017 6:59:59 AM

Subject:
CN=Malware Protection Live, O=Malware Protection Live, L=Fort Myers, S=Florida, C=US

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
0DB13F364982158C0E6000F666CC2AA4

File PE Metadata
Compilation timestamp:
11/11/2016 8:04:36 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

Entry address:
0x111D0D

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.8324

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.1 MB (1,113,600 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
MalwareProtectionLive

Command:
C:\users\{user}\appdata\local\malwareprotectionlive\malwareprotectionclient.exe


The file MalwareProtectionClient.exe has been discovered within the following program.

About 1% of users remove it
 
Powered by Should I Remove It?

Remove MalwareProtectionClient.exe - Powered by Reason Core Security