» dlprotectsvc.exe
Overview
Analysis
File Details
Behaviors (1)

dlprotectsvc.exe

The application dlprotectsvc.exe has been detected as a potentially unwanted program by 11 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “Download Protect Service”.

File name:

dlprotectsvc.exe

MD5:

a60eccc91aee86f793e6fcb9a454265c

SHA-1:

02dbc55c7ac0ff41cb2a015e48bbd8a27e876da6

SHA-256:

40386bf808ffbefbb184e93249696c2993a195ac0723ce55c7084e7c5fbbb2b9

Scanner detections:

11 / 68

Status:

Potentially unwanted

Analysis date:

4/24/2024 11:21:59 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Agnitum Outpost

Trojan.Agent

7.1.1

Avira AntiVirus

APPL/DProtect.125442

7.11.145.18

avast!

Win32:Adware-BEV [PUP]

2014.9-140424

AVG

Skodna.Generic_r

2015.0.3495

Dr.Web

Trojan.DownLoad3.32663

9.0.1.0114

ESET NOD32

Win64/Agent.BR

8.9715

Fortinet FortiGate

W32/Agent.BR!tr

4/24/2014

IKARUS anti.virus

AdWare.DProtect

t3scan.1.6.1.0

Malwarebytes

Adware.Agent

v2014.04.24.05

SUPERAntiSpyware

Adware.DProtect

10647

VIPRE Antivirus

Trojan.Win32.Generic

28562

File size:

122.5 KB (125,440 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\Windows\System32\dlprotectsvc.exe

File PE Metadata

Compilation timestamp:

12/3/2013 8:35:34 AM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows Console

Linker version:

9.0

CTPH (ssdeep):

3072:uP3fzKWcWOvyxbRmy75vTdMuNsv9TdF89MCIFvlsr6:utcWJJAk51NsFf87QvD

Entry address:

0x127C4

Entry point:

48, 83, EC, 28, E8, 6F, 34, 00, 00, 48, 83, C4, 28, E9, 56, FE, FF, FF, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 7C, 24, 18, 4C, 89, 6C, 24, 20, 41, 56, 48, 83, EC, 30, 4C, 8D, 35, BC, A8, 00, 00, 8B, F9, 33, DB, 49, 8B, C6, 3B, 08, 74, 0B, FF, C3, 48, 83, C0, 10, 83, FB, 17, 72, F1, 83, FB, 17, 0F, 83, D4, 01, 00, 00, B9, 03, 00, 00, 00, E8, 5F, 39, 00, 00, 83, F8, 01, 0F, 84, 7C, 01, 00, 00, B9, 03, 00, 00, 00, E8, 4C, 39, 00, 00, 85, C0, 75, 0D, 83, 3D, 6D, A8, 00, 00, 01, 0F, 84, 61, 01, 00, 00, 81, FF, FC... 
[+]

Code size:

112 KB (114,688 bytes)

Service

Display name:

Download Protect Service

Service name:

DlProtectSvc

Type:

Win32OwnProcess

Remove dlprotectsvc.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.