» f0280840_searchprotect.dll
Overview
Analysis
File Details

f0280840_searchprotect.dll

2.0.1.739

Skytech Co., Ltd.

The module f0280840_searchprotect.dll has been detected as adware by 22 anti-malware scanners. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.

File name:

Publisher:

Skytech Co., Ltd.

Product:

2.0.1.739

Description:

Skytech

Version:

2.0.1.739

MD5:

4224aa96da98e29de4135ca679046657

SHA-1:

c2f830b1c1d402d7fb2bb8008ef6e983b96c77ff

SHA-256:

45a6ef82853f73f928674c9607eb5c2168c198a0eccbc3d10a25af9e641a3170

Scanner detections:

22 / 68

Status:

Adware

Analysis date:

4/25/2024 7:05:06 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Application.Generic.836831

835

Agnitum Outpost

Riskware.Agent

7.1.1

avast!

Win32:SupTab-C [Adw]

141023-1

AVG

Generic

2016.0.3240

Baidu Antivirus

Adware.Win32.Thinknice

4.0.3.141022

Bitdefender

Application.Generic.836831

1.0.20.1475

Clam AntiVirus

Win.Adware.SupTab

0.98/19843

Dr.Web

Trojan.StartPage1.6314

9.0.1.04

Emsisoft Anti-Malware

Application.Bundler.HG

8.15.01.04.12

ESET NOD32

Win32/Thinknice.E potentially unwanted application

7.0.302.0

Fortinet FortiGate

Riskware/Thinknice

1/4/2015

F-Secure

Application.Generic.836831

11.2014-22-10_4

G Data

Application.Generic.836831

14.10.24

K7 AntiVirus

Trojan

13.188.14468

Malwarebytes

PUP.Optional.Skytech.A

v2014.10.22.04

McAfee

Artemis!1A3155827C5F

5600.6896

MicroWorld eScan

Application.Generic.836831

15.0.0.885

Norman

Application.Bundler.HG

11.20150104

Panda Antivirus

Trj/CI.A

15.01.04.12

Qihoo 360 Security

Win32/Application.a8f

1.0.0.1015

Reason Heuristics

PUP.SkytechCo.W

14.10.22.16

VIPRE Antivirus

Threat.4788726

35418

File size:

20 KB (20,480 bytes)

Product version:

2.0.1.739

Original file name:

SearchProtect.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Chinese (Simplified, PRC)

File PE Metadata

Compilation timestamp:

8/13/2014 12:47:13 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

384:2bmVxVGBvPA1Z8AWDvXg4fDbCiZKzn85uyt4:XGxWWAEvXZvPZKz85Vt

Entry address:

0x3235

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 3E, 05, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 10, 68, 48, 46, 00, 10, E8, 7C, 02, 00, 00, 33, C0, 40, 8B, F0, 89, 75, E4, 33, DB, 89, 5D, FC, 8B, 7D, 0C, 89, 3D, 20, 50, 00, 10, 89, 45, FC, 85, FF, 75, 0C, 39, 3D, 30, 51, 00, 10, 0F, 84, D4, 00, 00, 00, 3B, F8, 74, 05, 83, FF, 02, 75, 38, A1, 70, 41, 00, 10, 85, C0, 74, 0E, FF, 75, 10, 57, FF, 75, 08, FF, D0, 8B, F0, 89, 75, E4, 85, F6, 0F, 84, B1, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

11 KB (11,264 bytes)

Remove f0280840_searchprotect.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.