We received the file SPVC32LOADER.DLL and detected that SPVC32LOADER.DLL is not good.
SPVC32LOADER.DLL is Adware. You should remove the file SPVC32LOADER.DLL.
Kill the process SPVC32LOADER.DLL and remove SPVC32LOADER.DLL from Windows.
Malware Analysis of SPVC32LOADER.DLL
Full path on a computer: %Program Files%\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Detected by UnHackMe:
SPVC32LOADER.DLL
Default location: %Program Files%\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Removal Results: Success
Number of reboot: 1
SPVC32LOADER.DLL is known as:
Adware.PUP.Optional.Conduit.A, Conduit (fs), Application.SearchProtect.O, a variant of Win32.Conduit.SearchProtect.H, PUP.Conduit.A
SPVC32LOADER.DLL hash:
- MD5: b81cfb221816101e406b50adf14acc30
The file tries to download information from some web sites.
How to quickly detect SPVC32LOADER.DLL presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Deeal FR\DisplayName: “Deeal FR”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Deeal FR\UninstallString: “%Program Files%\Deeal FR\Uninstall.exe /fromcontrolpanel=1″
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect\DisplayName: “Search Protect”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect\UninstallString: “”C:\PROGRA~1\SearchProtect\Main\bin\uninstall.exe” /S”
- HKLM\System\CurrentControlSet\Services\CltMngSvc\ImagePath: “C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe”
- HKLM\System\CurrentControlSet\Services\CltMngSvc\DisplayName: “Search Protect by Conduit Service”
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll”
Folders:- %Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\searchplugins
- %Appdata%\wp_update
- %Local Appdata%\SearchProtect
- %Local Appdata%\SearchProtect\Logs
- %Local Appdata%\SearchProtect\SearchProtect
- %Local Appdata%\SearchProtect\SearchProtect\rep
- %Local Appdata%\SearchProtect\SearchProtect\STG
- %Local Appdata%\SearchProtect\UI
- %Local Appdata%\SearchProtect\UI\rep
- %Temp%\38fdaae5-8e0e-493c-88ec-e05c3be06e42
- %Temp%\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B
- %Temp%\nsb1B.tmp
- %Temp%\nsbD.tmp
- %Temp%\nse1F.tmp
- %Temp%\nse31.tmp
- %Temp%\nsh3C.tmp
- %Temp%\nsk36.tmp
- %Temp%\nskE
- %Temp%\nsn3.tmp
- %Temp%\nsq39.tmp
- %Temp%\nsu34.tmp
- %Temp%\nsv22.tmp
- %Temp%\nsw9.tmp
- %Temp%\_Temp_jxhucgc.tmp
- %Temp%\~bnovrgf
- %Program Files%\Deeal FR
- %Program Files%\SearchProtect
- %Program Files%\SearchProtect\Main
- %Program Files%\SearchProtect\Main\bin
- %Program Files%\SearchProtect\Main\rep
- %Program Files%\SearchProtect\SearchProtect
- %Program Files%\SearchProtect\SearchProtect\bin
- %Program Files%\SearchProtect\SearchProtect\rep
- %Program Files%\SearchProtect\UI
- %Program Files%\SearchProtect\UI\bin
- %Program Files%\SearchProtect\UI\dialogs
- %Program Files%\SearchProtect\UI\dialogs\bubble
- %Program Files%\SearchProtect\UI\dialogs\Images
- %Program Files%\SearchProtect\UI\dialogs\libs
- %Program Files%\SearchProtect\UI\dialogs\protection
- %Program Files%\SearchProtect\UI\dialogs\protectionDS
- %Program Files%\SearchProtect\UI\dialogs\settings
- %Program Files%\SearchProtect\UI\dialogs\uninstall
- %Program Files%\SearchProtect\UI\rep
Files:- %Appdata%\Microsoft\CryptnetUrlCache\Content\F6DEB9C1F3251400F7D6EB743CB14FB4
- %Appdata%\Microsoft\CryptnetUrlCache\MetaData\F6DEB9C1F3251400F7D6EB743CB14FB4
- %Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\searchplugins\conduit-search.xml
- %Appdata%\wp_update\currentVersion.txt
- %Appdata%\~svcgcdk.exe
- %Local Appdata%\Google\Chrome\User Data\Default\Extension Rules\000024.log
- %Local Appdata%\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000023
- %Local Appdata%\Google\Chrome\User Data\Default\Session Storage\000031.ldb
- %Local Appdata%\Google\Chrome\User Data\Default\Session Storage\000032.log
- %Local Appdata%\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000030
- %Local Appdata%\SearchProtect\SearchProtect\rep\Cvc.dat
- %Local Appdata%\SearchProtect\SearchProtect\rep\UserRepository.dat
- %Local Appdata%\SearchProtect\SearchProtect\rep\UserSettings.dat
- %Local Appdata%\SearchProtect\UI\rep\UIRepository.dat
- %Temp%\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js
- %Temp%\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json
- %Temp%\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js
- %Temp%\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js
- %Temp%\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json
- %Temp%\inet.txt
- %Temp%\nsa20.exe
- %Temp%\nsa20.tmp
- %Temp%\nsc1C.exe
- %Temp%\nsc1C.tmp
- %Temp%\nsh3C.tmp\166577
- %Temp%\nsh3C.tmp\5733
- %Temp%\nsh3C.tmp\inetc.dll
- %Temp%\nsh3C.tmp\InstallerUtils.dll
- %Temp%\nsh3C.tmp\InstallerUtils2.dll
- %Temp%\nsh3C.tmp\md5dll.dll
- %Temp%\nsh3C.tmp\nsisos.dll
- %Temp%\nsh3C.tmp\StdUtils.dll
- %Temp%\nsh3C.tmp\System.dll
- %Temp%\nsh3C.tmp\update.json
- %Temp%\nsh3C.tmp\UserInfo.dll
- %Temp%\nsi4.tmp
- %Temp%\nsj38.tmp
- %Temp%\nsjA.tmp
- %Temp%\nskE\SpSetup.exe
- %Temp%\nskE.tmp
- %Temp%\nsn18.tmp
- %Temp%\nsp19.exe
- %Temp%\nsp19.tmp
- %Temp%\nsq39.tmp\Qqvgmsl.tmp
- %Temp%\nsq39.tmp\StdUtils.dll
- %Temp%\nsq39.tmp\System.dll
- %Temp%\nsq39.tmp\WrapperUtils.dll
- %Temp%\nsq39.tmp\Xkosts.exe
- %Temp%\nsw3B.tmp
- %Temp%\nsx2F.exe
- %Temp%\nsx2F.tmp
- %Temp%\nsx32.exe
- %Temp%\nsx32.tmp
- %Temp%\nsz2E.exe
- %Temp%\nsz2E.tmp
- %Temp%\setup.exe
- %Temp%\_Temp_jxhucgc.tmp\AARTEMIS.ini
- %Temp%\_Temp_jxhucgc.tmp\close.png
- %Temp%\_Temp_jxhucgc.tmp\CONDUIT.exe
- %Temp%\_Temp_jxhucgc.tmp\CONDUIT.ini
- %Temp%\_Temp_jxhucgc.tmp\CONF.ini
- %Temp%\_Temp_jxhucgc.tmp\decline.png
- %Temp%\_Temp_jxhucgc.tmp\FR.ini
- %Temp%\_Temp_jxhucgc.tmp\install_minecraft.ini
- %Temp%\_Temp_jxhucgc.tmp\INSTALL_MINECRAFT_install.exe
- %Temp%\_Temp_jxhucgc.tmp\KREAPIXEL.ini
- %Temp%\_Temp_jxhucgc.tmp\KREAPIXEL_AARTEMIS_DEEAL.ini
- %Temp%\_Temp_jxhucgc.tmp\KREAPIXEL_BUBBLE_DEEAL.ini
- %Temp%\_Temp_jxhucgc.tmp\KREAPIXEL_BUBBLE_DEEAL_BIS.exe
- %Temp%\_Temp_jxhucgc.tmp\KREAPIXEL_BUBBLE_DEEAL_BIS.ini
- %Temp%\_Temp_jxhucgc.tmp\KREAPIXEL_DEEAL.ini
- %Temp%\_Temp_jxhucgc.tmp\KREAPIXEL_EASYSOFT_EULA.ini
- %Temp%\_Temp_jxhucgc.tmp\KREAPIXEL_IMMINENT_DEEAL.ini
- %Temp%\_Temp_jxhucgc.tmp\KREAPIXEL_MAIN_OFFER.html
- %Temp%\_Temp_jxhucgc.tmp\KREAPIXEL_MAIN_OFFER.ini
- %Temp%\_Temp_jxhucgc.tmp\KREAPIXEL_MYPCBACKUP_OPTIMIZERPRO.ini
- %Temp%\_Temp_jxhucgc.tmp\KREAPIXEL_MYPCBACKUP_PCMAXIMIZER.ini
- %Temp%\_Temp_jxhucgc.tmp\KREAPIXEL_SWEETPAGE_DEEAL.ini
- %Temp%\_Temp_jxhucgc.tmp\minecraft.png
- %Temp%\_Temp_jxhucgc.tmp\MYPCBACKUP.ini
- %Temp%\_Temp_jxhucgc.tmp\OPTIMIZERPRO.ini
- %Temp%\_Temp_jxhucgc.tmp\setup.ini
- %Temp%\_Temp_jxhucgc.tmp\SPI.exe
- %Temp%\_Temp_jxhucgc.tmp\terms_easysoft_en.html
- %Temp%\_Temp_jxhucgc.tmp\terms_easysoft_fr.html
- %Temp%\_Temp_jxhucgc.tmp\WAJAM.ini
- %Temp%\_Temp_jxhucgc.tmp\wajam_validate.exe
- %Temp%\~bnovrgf\deeal.exe
- %Temp%\~bnovrgf\~krafzml.ini
- %Program Files%\Deeal FR\40545.crx
- %Program Files%\Deeal FR\79c09b4e-f4df-41f4-a8d0-5c0552e9eee6-3.exe
- %Program Files%\Deeal FR\Uninstall.exe
- %Program Files%\Deeal FR\utils.exe
- %Program Files%\SearchProtect\EULA.txt
- %Program Files%\SearchProtect\Main\bin\CltMngSvc.exe
- %Program Files%\SearchProtect\Main\bin\SPTool.dll
- %Program Files%\SearchProtect\Main\bin\uninstall.exe
- %Program Files%\SearchProtect\Main\rep\SystemRepository.dat
- %Program Files%\SearchProtect\SearchProtect\bin\cltmng.exe
- %Program Files%\SearchProtect\SearchProtect\bin\SPTool64.exe
- %Program Files%\SearchProtect\SearchProtect\bin\SPVC32.dll
- %Program Files%\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
- %Program Files%\SearchProtect\SearchProtect\bin\SPVC64.dll
- %Program Files%\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
- %Program Files%\SearchProtect\UI\bin\cltmngui.exe
- %Program Files%\SearchProtect\UI\dialogs\bubble\bubble.css
- %Program Files%\SearchProtect\UI\dialogs\bubble\bubble.html
- %Program Files%\SearchProtect\UI\dialogs\bubble\bubble.js
- %Program Files%\SearchProtect\UI\dialogs\bubble\defaults.js
- %Program Files%\SearchProtect\UI\dialogs\Images\Apply-default.png
- %Program Files%\SearchProtect\UI\dialogs\Images\Apply-onclick.png
- %Program Files%\SearchProtect\UI\dialogs\Images\Apply-Rollover.png
- %Program Files%\SearchProtect\UI\dialogs\Images\bg-with-logo.png
- %Program Files%\SearchProtect\UI\dialogs\Images\bg.png
- %Program Files%\SearchProtect\UI\dialogs\Images\bgNotif.png
- %Program Files%\SearchProtect\UI\dialogs\Images\bgSettings.png
- %Program Files%\SearchProtect\UI\dialogs\Images\bgSettingsDS.png
- %Program Files%\SearchProtect\UI\dialogs\Images\bgUninstall.png
- %Program Files%\SearchProtect\UI\dialogs\Images\btnBlue.png
- %Program Files%\SearchProtect\UI\dialogs\Images\btnClose.png
- %Program Files%\SearchProtect\UI\dialogs\Images\btnSilver.png
- %Program Files%\SearchProtect\UI\dialogs\Images\checkbox.png
- %Program Files%\SearchProtect\UI\dialogs\Images\checkbox_checked.png
- %Program Files%\SearchProtect\UI\dialogs\Images\checkbox_def.png
- %Program Files%\SearchProtect\UI\dialogs\Images\close-win-def.png
- %Program Files%\SearchProtect\UI\dialogs\Images\close-win-over-click.png
- %Program Files%\SearchProtect\UI\dialogs\Images\gray-bg.png
- %Program Files%\SearchProtect\UI\dialogs\Images\hez-def.png
- %Program Files%\SearchProtect\UI\dialogs\Images\hez-selected.png
- %Program Files%\SearchProtect\UI\dialogs\Images\hez.png
- %Program Files%\SearchProtect\UI\dialogs\Images\icon-win.png
- %Program Files%\SearchProtect\UI\dialogs\Images\info-icon.png
- %Program Files%\SearchProtect\UI\dialogs\Images\menu-rollover.png
- %Program Files%\SearchProtect\UI\dialogs\Images\menu-selected.png
- %Program Files%\SearchProtect\UI\dialogs\Images\radio-button-def.png
- %Program Files%\SearchProtect\UI\dialogs\Images\radio-button-selected.png
- %Program Files%\SearchProtect\UI\dialogs\Images\radio-button.png
- %Program Files%\SearchProtect\UI\dialogs\Images\radio-button2.png
- %Program Files%\SearchProtect\UI\dialogs\Images\Settings-icon.png
- %Program Files%\SearchProtect\UI\dialogs\Images\text-field.png
- %Program Files%\SearchProtect\UI\dialogs\Images\v.png
- %Program Files%\SearchProtect\UI\dialogs\Images\x.png
- %Program Files%\SearchProtect\UI\dialogs\libs\defaults.js
- %Program Files%\SearchProtect\UI\dialogs\libs\dialogUtils.js
- %Program Files%\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js
- %Program Files%\SearchProtect\UI\dialogs\libs\json2.min.js
- %Program Files%\SearchProtect\UI\dialogs\libs\main.js
- %Program Files%\SearchProtect\UI\dialogs\libs\SPDialogAPI.js
- %Program Files%\SearchProtect\UI\dialogs\protection\defaults.js
- %Program Files%\SearchProtect\UI\dialogs\protection\protection.css
- %Program Files%\SearchProtect\UI\dialogs\protection\protection.html
- %Program Files%\SearchProtect\UI\dialogs\protection\protection.js
- %Program Files%\SearchProtect\UI\dialogs\protectionDS\defaults.js
- %Program Files%\SearchProtect\UI\dialogs\protectionDS\protectionDS.css
- %Program Files%\SearchProtect\UI\dialogs\protectionDS\protectionDS.html
- %Program Files%\SearchProtect\UI\dialogs\protectionDS\protectionDS.js
- %Program Files%\SearchProtect\UI\dialogs\settings\defaults.js
- %Program Files%\SearchProtect\UI\dialogs\settings\settings.css
- %Program Files%\SearchProtect\UI\dialogs\settings\settings.html
- %Program Files%\SearchProtect\UI\dialogs\settings\settings.js
- %Program Files%\SearchProtect\UI\dialogs\settings.html
- %Program Files%\SearchProtect\UI\dialogs\style.css
- %Program Files%\SearchProtect\UI\dialogs\uninstall\defaults.js
- %Program Files%\SearchProtect\UI\dialogs\uninstall\uninstall.css
- %Program Files%\SearchProtect\UI\dialogs\uninstall\uninstall.html
- %Program Files%\SearchProtect\UI\dialogs\uninstall\uninstall.js
- %WinDir%\Tasks\79c09b4e-f4df-41f4-a8d0-5c0552e9eee6-3.job
- C:\END