home

IeWatchDog.dll

SearchProtect

Giner Tech Inc

The module IeWatchDog.dll, “SearchProtect for ie” by Giner Tech Inc has been detected as adware by 15 anti-malware scanners. This particular feature is designed to hijack the browser in an attempt to prevent other resources from modify the browser's search and home pages.
Publisher:
Search Protecter  (signed by Giner Tech Inc)

Product:
SearchProtect

Description:
SearchProtect for ie

Version:
4,0,1,1716

MD5:
b1a1833843127d09d0f7f35f78d7ed85

SHA-1:
c30095e84d8841ccd1784e92fd628c12c96b7c36

SHA-256:
8edfd5e1332e31aa753770c3a9e3e578aabaea606b2d475275b354c34822f846

Scanner detections:
15 / 68

Status:
Adware

Analysis date:
4/30/2025 11:12:07 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.Agent
7.1.1

AVG
Generic
2016.0.3138

Baidu Antivirus
Adware.Win32.ELEX
4.0.3.15415

Bkav FE
W32.HfsAdware
1.3.0.6379

Dr.Web
Adware.Mutabaha.120
9.0.1.05190

ESET NOD32
Win32/ELEX.BM potentially unwanted application
7.0.302.0

F-Prot
W32/SearchProtect.B
v6.4.6.5.141

G Data
Win32.Application.SearchProtect.AA@gen
15.4.25

K7 AntiVirus
Unwanted-Program
13.202.15600

Malwarebytes
PUP.Optional.SearchProtect
v2015.04.15.12

Quick Heal
PUA.SearchProtect.OD3
4.15.14.00

Reason Heuristics
Threat.Thinknice.GinerTech
15.4.15.11

Vba32 AntiVirus
AdWare.SearchProtect
3.12.26.3

VIPRE Antivirus
Threat.4150696
38882

Zillya! Antivirus
Adware.SearchProtect.Win32.25
2.0.0.2122

File size:
20.1 KB (20,576 bytes)

Product version:
4,0,1,1716

Copyright:
Copyright (C) 2014

Original file name:
IeWatchDog.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Chinese

Common path:
C:\Program Files\xtab\iewatchdog.dll

Digital Signature
Signed by:
Giner Tech Inc

Authority:
GlobalSign nv-sa

Valid from:
3/24/2015 9:40:38 AM

Valid to:
12/2/2015 5:23:38 AM

Subject:
CN=Giner Tech Inc, O=Giner Tech Inc, L=Wilmington, S=Delaware, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112167537F02B71858D5AA3FC5D6CBB4265C

File PE Metadata
Compilation timestamp:
1/15/2015 7:18:45 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
384:yDeLHe8hm3TP9E/9EyNPZKgXjOWzmWn2KtPLe35ZeG:9He8E3QZKgBx2Ln

Entry address:
0x216B

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 38, 05, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 10, 68, A0, 36, 00, 10, E8, 76, 02, 00, 00, 33, C0, 40, 8B, F0, 89, 75, E4, 33, DB, 89, 5D, FC, 8B, 7D, 0C, 89, 3D, 20, 40, 00, 10, 89, 45, FC, 85, FF, 75, 0C, 39, 3D, D8, 40, 00, 10, 0F, 84, D4, 00, 00, 00, 3B, F8, 74, 05, 83, FF, 02, 75, 38, A1, 60, 31, 00, 10, 85, C0, 74, 0E, FF, 75, 10, 57, FF, 75, 08, FF, D0, 8B, F0, 89, 75, E4, 85, F6, 0F, 84, B1, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
6.5 KB (6,656 bytes)

Remove IeWatchDog.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.