Should I block it?
Yes, 98% block recommendation.
Possible reason:
Multiple malware detections
Additional versions
(Note, the developer publishes each variation of this file with the same version, but the hashes are unique.)
PE file structure |
Show functions |
Import table
advapi32.dll
RegCloseKey, RegEnumKeyExW, CheckTokenMembership, RegOpenKeyExW, FreeSid, RegEnumValueW, AllocateAndInitializeSid, RegDeleteValueW, RegDeleteKeyW, RegQueryValueExW, RegCreateKeyExW, ConvertSidToStringSidW, IsValidSid, GetTokenInformation, OpenProcessToken, RegSetValueExW
kernel32.dll
DllMain
Export table
sprotector.dll
MD5: | d59fb8a196cc8ad8e8bde0c437070cc6 |
SHA1: | d489b4cd3dda20baf9f72bebb9f2d8c451c5a839 |
SHA256: | 337bdbae7ab467677120ea20f71bb04c886894277eb847eee24abf2a117a64c9 |
Warning 16 antivirus scanners has detected malware.
What is sprotector.dll?
SProtector has been detected as 'malware' by multiple antivirus products. TrendMicro classifies it as TROJ_GEN.RCBH1L8. ESET calls it a variant of Win32/SProtector.A. QuickHeal identifies SProtector.dll as Worm.SProtector.A3. Avast classifies it as a potentially unwanted program (PUP) Win32:SProtector-B [PUP] and DrWeb flags it as Adware.BGuard. The program, specifically the sprotector.dll file is loaded into Google Chrome and connects to the Internet.
Overview
sprotector.dll is malware that is loaded as dynamic link library that runs in the context of a process. This is typically installed with the program Search Assistant WebSearch 1.74 published by Search Assistant SProtector and is most likely removed by most users once installed (79% removed).
Details
File name: | sprotector.dll |
Typical file path: | C:\Program Files\ContinueToSave\sprotector.dll |
Size: | 1020 KB (1,044,480 bytes) |
Digital DNA |
File packed: | No |
.NET CLR: | No |
More details
Programs
The following program will install this file
|
Search Assistant SProtector |
|
Search Assistant WebSearch is an adware program installed into Internet Explorer, Firefox and Chrome. The programs collects and stores information about web browsing habits and sends this information to its remote servers in order to provide injected advertising in search results and various other places. Search Assistant will also modify the browser's home page and search provider. It displays various pop-up advertisements and tracks a...
Malware detections
Based on 40+ industry antivirus scanners, 16 of them detected the following malware.
Antivirus engine | Engine version | Detection |
avast! |
8.0.1489.320 |
Win32:SProtector-A [PUP] |
AVG |
2014.0.3629 |
Generic5.AAFF |
BitDefender |
7.2 |
Adware.BGuard.B |
CAT Quick Heal |
4.13.12.00 |
Worm.SProtector.Gen |
Dr.Web |
8.13.4.10 |
Adware.BGuard.11 |
Emsisoft Anti-Malware |
3.0.0.583 |
Adware.BGuard.B (B) |
eSafe |
7.0.17.0 |
Win32.Trojan |
ESET NOD32 |
7.8546 |
a variant of Win32/SProtector.A |
F-Secure |
11.0.19100.45 |
Adware.BGuard.B |
G Data |
13.4.22 |
Adware.BGuard.B |
eScan by MicroWorld |
12.0.250.0 |
Adware.BGuard.B |
nProtect |
2013-06-12.04 |
Adware.BGuard.B |
The Hacker |
None |
Trojan/Sprotector |
Trend Micro |
9.740.0.1012 |
ADW_SPROTECT |
Trend Micro HouseCall |
9.700.0.1001 |
ADW_SPROTECT |
VIPRE Antivirus |
19430 |
Trojan.Win32.Generic!BT |
Distribution by Windows OS
OS version | distribution |
Windows 7 Ultimate |
30.95% |
|
Microsoft Windows XP |
28.57% |
|
Windows 7 Home Premium |
26.19% |
|
Windows 7 Professional |
4.76% |
|
Windows Vista Home Premium |
4.76% |
|
Windows 7 Home Basic |
4.76% |
|
Distribution by country
United States installs about 11.90% of sprotector.dll.
Distribution by PC manufacturer
PC Manufacturer | distribution |
ASUS |
23.53% |
|
Dell |
15.69% |
|
Hewlett-Packard |
13.73% |
|
GIGABYTE |
13.73% |
|
Acer |
7.84% |
|
Sony |
7.84% |
|
American Megatrends |
5.88% |
|
Intel |
3.92% |
|
Lenovo |
3.92% |
|
Toshiba |
3.92% |
|