{508cec74-39ec-4f93-8d1c-cfd2785962d3}.exe

The application {508cec74-39ec-4f93-8d1c-cfd2785962d3}.exe has been detected as a potentially unwanted program by 5 anti-malware scanners.
Remove {508cec74-39ec-4f93-8d1c-cfd2785962d3}.exe - Powered by Reason Core Security
MD5:
ae28ea754f6b898656ed31e5d9c4b6db

SHA-1:
0b469c71e19955b8239c1906eba6b16effb35bca

SHA-256:
d43aa73cd3b3d8a092e89edc4dcb7a84c4dd8a0f35cd53f721851ad6866a8198

Scanner detections:
5 / 68

Status:
Potentially unwanted

Explanation:
Part of the Conduit/ClientConnect toolbar/extension distribution.

Analysis date:
12/9/2016 4:32:42 PM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
Adware.Win32.searchprotect
4.0.3.14610

Dr.Web
Threat.Undefined
9.0.1.05190

ESET NOD32
Win32/Conduit.SearchProtect.N potentially unwanted application
7.0.302.0

G Data
Win32.Application.SearchProtect
14.6.24

VIPRE Antivirus
Conduit
30154

Remove {508cec74-39ec-4f93-8d1c-cfd2785962d3}.exe - Powered by Reason Core Security
File size:
215 KB (220,111 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\roaming\iolo\safetynet\manual\{b0b40951-9dc1-4b3f-99f7-361045ab9ad1}\{508cec74-39ec-4f93-8d1c-cfd2785962d3}.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
6144:4II/IG/A4zXfjFAwWC0jNJrTBSC6HFSwYWN:VI/IG/NFzaBJHBebF

Entry point:
50, 4B, 03, 04, 14, 00, 00, 00, 08, 00, 8D, 54, AE, 44, 9F, A2, 4B, 70, 19, 5B, 03, 00, 90, 9A, 03, 00, 2A, 00, 00, 00, 7B, 35, 30, 38, 43, 45, 43, 37, 34, 2D, 33, 39, 45, 43, 2D, 34, 46, 39, 33, 2D, 38, 44, 31, 43, 2D, 43, 46, 44, 32, 37, 38, 35, 39, 36, 32, 44, 33, 7D, 2E, 65, 78, 65, EC, BD, 0F, 78, 54, D5, B5, F0, 7D, 26, 33, 09, 03, 24, 4C, D0, 44, A3, 06, 8D, 12, 2B, 0A, 52, 34, A0, C4, 80, 0E, 90, 09, 58, 13, 1C, 18, 32, 83, E5, 6F, 84, C4, C9, 18, 12, 9A, 9C, C3, 9F, 96, 68, C2, 24, CA, 78, 18, 6B...
 
[+]

Entropy:
7.9990  (probably packed)

Remove {508cec74-39ec-4f93-8d1c-cfd2785962d3}.exe - Powered by Reason Core Security