dlprotectsvc.exe

The application dlprotectsvc.exe has been detected as a potentially unwanted program by 13 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “Download Protect Service”.
Remove dlprotectsvc.exe - Powered by Reason Core Security
MD5:
2004b3412b931090a3aea475bea5d405

SHA-1:
b37e86d98458af60f36cd11b4e533a904c03fbab

SHA-256:
45f20dae6d7237f0f078bbd7230ee2bc3e92343bac98ba1d75140d0318574c7a

Scanner detections:
13 / 68

Status:
Potentially unwanted

Analysis date:
12/5/2016 1:40:43 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.Agent
7.1.1

Avira AntiVirus
APPL/DProtect.125442
7.11.147.82

Antiy Labs AVL
Trojan/Win32.SGeneric
0.1.0.1

avast!
Win32:Adware-BEV [PUP]
140608-0

AVG
Adware Skodna.Generic_r.IG
2014.0.3955

Dr.Web
Trojan.DownLoad3.32663
9.0.1.0161

ESET NOD32
Win64/Agent.BR trojan
7.0.302.0

Fortinet FortiGate
W32/Agent.BR!tr
6/10/2014

IKARUS anti.virus
AdWare.DProtect
t3scan.1.6.1.0

Malwarebytes
Adware.Agent
v2014.06.10.01

Reason Heuristics
Threat.Win.Reputation.IMP
14.6.10.13

SUPERAntiSpyware
Adware.DProtect
10552

VIPRE Antivirus
Trojan.Win32.Generic
28858

Remove dlprotectsvc.exe - Powered by Reason Core Security
File size:
120.5 KB (123,392 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Windows\System32\dlprotectsvc.exe

File PE Metadata
Compilation timestamp:
5/13/2014 3:19:05 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
3072:QRrrAUYGBRnp4n5rm0HL/68agE55Wi2KvTYxRNZIwp+vlsrw6:QZ1BRnp4nJiTR5eK7XvR6

Entry address:
0x12154

Entry point:
48, 83, EC, 28, E8, 6F, 34, 00, 00, 48, 83, C4, 28, E9, 56, FE, FF, FF, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 7C, 24, 18, 4C, 89, 6C, 24, 20, 41, 56, 48, 83, EC, 30, 4C, 8D, 35, 2C, AF, 00, 00, 8B, F9, 33, DB, 49, 8B, C6, 3B, 08, 74, 0B, FF, C3, 48, 83, C0, 10, 83, FB, 17, 72, F1, 83, FB, 17, 0F, 83, D4, 01, 00, 00, B9, 03, 00, 00, 00, E8, 5F, 39, 00, 00, 83, F8, 01, 0F, 84, 7C, 01, 00, 00, B9, 03, 00, 00, 00, E8, 4C, 39, 00, 00, 85, C0, 75, 0D, 83, 3D, DD, AE, 00, 00, 01, 0F, 84, 61, 01, 00, 00, 81, FF, FC...
 
[+]

Code size:
110 KB (112,640 bytes)

Service
Display name:
Download Protect Service

Service name:
DlProtectSvc

Type:
Win32OwnProcess


Remove dlprotectsvc.exe - Powered by Reason Core Security