home

spvc64.dll

Lenovo Browser Guard

ClientConnect LTD

The file belongs to the ClientConnect (Conduit/Perion) platform, a utility that bundles and monetizes search toolbars and browser add-ons. The module spvc64.dll by ClientConnect has been detected as adware by 12 anti-malware scanners. Additionally, the file is typically installed by a number of programs including Lenovo Browser Guard by ClientConnect LTD and Run_Dregol by Run_Dregol, both potentially unwanted software.
Publisher:
ClientConnect LTD  (signed and verified)

Product:
Lenovo Browser Guard

Version:
2.14.0.129

MD5:
3b260264ba2c43f8122ca96bc44a3b3d

SHA-1:
3d516d4b838e1f6540cc4c3cae4a5418f19210da

SHA-256:
5ed795e5dd3b2aba1fb98429670244b25ab3e57b98cb6f57f37d2ba2c18b173c

Scanner detections:
12 / 68

Status:
Adware

Explanation:
Part of the Conduit/ClientConnect toolbar/extension distribution.

Analysis date:
4/25/2024 3:12:12 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Conduit-D [PUP]
2014.9-141101

AVG
ClientConnect
2015.0.3304

Baidu Antivirus
PUA.Win32.ClientConnect
4.0.3.14111

ESET NOD32
Win32/ClientConnect (variant)
8.10624

G Data
Win64.Application.SearchProtect.AB@gen
14.11.24

IKARUS anti.virus
PUA.ClientConnect
t3scan.1.7.5.0

Malwarebytes
PUP.Optional.SearchProtect.A
v2014.11.01.02

McAfee
Artemis!3B260264BA2C
5600.6960

Reason Heuristics
PUP.ClientConnect.G
14.11.1.2

Sophos
Conduit Search Protect
4.98

Trend Micro House Call
TROJ_GEN.F47V0605
7.2.305

VIPRE Antivirus
Conduit
34266

File size:
3.1 MB (3,260,744 bytes)

Product version:
2.14.0.129

Original file name:
Lenovo Browser Guard

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\lenovobrowserguard\lenovobrowserguard\bin\spvc64.dll

Digital Signature
Signed by:
ClientConnect LTD

Authority:
VeriSign, Inc.

Valid from:
1/28/2014 5:30:00 AM

Valid to:
1/30/2016 5:29:59 AM

Subject:
CN=ClientConnect LTD, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=Lenovo Browser Guard, O=ClientConnect LTD, L=Ness Ziona, S=Israel, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
177310CAE60BB43B9E75B02DA2C1AC11

File PE Metadata
Compilation timestamp:
5/12/2014 9:17:32 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
49152:HxZXGLdeEPg+t3dbUgqpF3DrpFw6Ork/wViltx9nAv1VnY:HM1buZI1VnY

Entry address:
0xD8AE8

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, F7, 88, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, 74, C3, 1F, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF...
 
[+]

Entropy:
6.0836

Code size:
1.7 MB (1,799,168 bytes)

The file spvc64.dll has been discovered within the following programs.

Lenovo Browser Guard  by ClientConnect LTD
This is a branded version for Lenovo of the Conduit/Perion Search Protect software, a potentially unwanted program that maintains the partner or affiliate directed web page.
79% remove it
Run_Dregol  by Run_Dregol
Identified as a version of the CMI/ConvertAd family of malware ad-injectors, this adware which is typically bundled with third-party applications in unwanted software bundles will hijack the user's browser (Internet Explorer, Chrome and Firefox) and display unwanted ads.
80% remove it
 
Powered by Should I Remove It?

Remove spvc64.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.