MalwareProtectionClient.exe

MalwareProtectionClient

Malware Protection Live

The executable MalwareProtectionClient.exe has been detected as malware by 1 anti-virus scanner. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘MalwareProtectionLive’. This file is typically installed with the program Malware Protection Live.
Publisher:
Malware Protection Live  (signed and verified)

Product:
MalwareProtectionClient

Version:
1.0.*

MD5:
9e653b393b65fab93bd7f2f134e2b71c

SHA-1:
925552fa04b11c266708982a7976ff55dfbd814e

SHA-256:
fb6435ba4202f47b24f8d27a500abcca6b117002f7edfecb9f95f5f8c7d047f3

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/15/2024 10:49:34 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.3.13.6

File size:
1.1 MB (1,185,824 bytes)

Product version:
1.0.*

Copyright:
Copyright © 2015

Original file name:
MalwareProtectionClient.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\malwareprotectionlive\malwareprotectionclient.exe

Digital Signature
Authority:
thawte, Inc.

Valid from:
7/5/2015 7:00:00 PM

Valid to:
7/5/2017 6:59:59 PM

Subject:
CN=Malware Protection Live, O=Malware Protection Live, L=Fort Myers, S=Florida, C=US

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
0DB13F364982158C0E6000F666CC2AA4

File PE Metadata
Compilation timestamp:
8/24/2016 9:03:16 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

Entry address:
0x11167F

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.8344

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.1 MB (1,112,064 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
MalwareProtectionLive

Command:
C:\users\{user}\appdata\local\malwareprotectionlive\malwareprotectionclient.exe


The file MalwareProtectionClient.exe has been discovered within the following program.

About 1% of users remove it
 
Powered by Should I Remove It?

Remove MalwareProtectionClient.exe - Powered by Reason Core Security