home

sptool.dll

Lenovo Browser Guard

ClientConnect LTD

The file belongs to the ClientConnect (Conduit/Perion) platform, a utility that bundles and monetizes search toolbars and browser add-ons. The module sptool.dll by ClientConnect has been detected as adware by 18 anti-malware scanners. This file is typically installed with the program Lenovo Browser Guard by ClientConnect LTD which is a potentially unwanted software program.
Publisher:
ClientConnect LTD  (signed and verified)

Product:
Lenovo Browser Guard

Version:
2.14.0.129

MD5:
485c64b18827a1ec007510fc194fd029

SHA-1:
9193fa024a474121933447fd985966f354ea65f2

SHA-256:
7b870a6189dc4a8aa4b74d19cbc40f49e164b768147625207792db3414cf1fba

Scanner detections:
18 / 68

Status:
Adware

Explanation:
Part of the Conduit/ClientConnect toolbar/extension distribution.

Analysis date:
4/24/2024 5:50:55 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.SearchProtect.P
826

Agnitum Outpost
Riskware.SearchProtect
7.1.1

avast!
Win32:Conduit-C [PUP]
2014.9-141101

AVG
Generic_r
2015.0.3304

Baidu Antivirus
PUA.Win32.Conduit.BSearchProtect
4.0.3.14111

Bitdefender
Application.SearchProtect.P
1.0.20.1525

ESET NOD32
Win32/Conduit.SearchProtect (variant)
8.10587

Fortinet FortiGate
Riskware/Conduit_SearchProtect
11/1/2014

F-Secure
Application.SearchProtect.P
11.2014-01-11_7

G Data
Win32.Application.SearchProtect
14.11.24

IKARUS anti.virus
PUA.Conduit.SearchProtect
t3scan.1.7.5.0

McAfee
Artemis!485C64B18827
5600.6960

MicroWorld eScan
Application.SearchProtect.P
15.0.0.915

NANO AntiVirus
Trojan.Win32.Conduit.deinif
0.28.2.61861

Reason Heuristics
PUP.ClientConnect.G
14.11.1.2

Sophos
Conduit Search Protect
4.98

Trend Micro House Call
TROJ_GEN.F47V0605
7.2.305

VIPRE Antivirus
Conduit
34084

File size:
2.3 MB (2,450,248 bytes)

Product version:
2.14.0.129

Original file name:
Lenovo Browser Guard

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\lenovobrowserguard\main\bin\sptool.dll

Digital Signature
Signed by:
ClientConnect LTD

Authority:
VeriSign, Inc.

Valid from:
1/28/2014 5:30:00 AM

Valid to:
1/30/2016 5:29:59 AM

Subject:
CN=ClientConnect LTD, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=Lenovo Browser Guard, O=ClientConnect LTD, L=Ness Ziona, S=Israel, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
177310CAE60BB43B9E75B02DA2C1AC11

File PE Metadata
Compilation timestamp:
5/12/2014 9:18:28 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
49152:MNaZJOOHEUsLYWy+ZjXBAVxqn/hy8cG9O/8m1VnYDwO:ecZHiLwgjXeVxq5o1Vn6

Entry address:
0xC47C0

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, F9, 98, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, D8, D0, 1C, 10, E8, 41, 85, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, B4, F8, 1E, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, A0, D8, 17, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Entropy:
6.4658

Developed / compiled with:
Microsoft Visual C++

Code size:
1.5 MB (1,526,784 bytes)

The file sptool.dll has been discovered within the following program.

Lenovo Browser Guard  by ClientConnect LTD
This is a branded version for Lenovo of the Conduit/Perion Search Protect software, a potentially unwanted program that maintains the partner or affiliate directed web page.
79% remove it
 
Powered by Should I Remove It?

Remove sptool.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.