home

searchmaven.IEUpdate.dll

search maven

This is the Internet Explorer add-on for the Yontoo search maven branded web browser plugin (injects banner, text-link and popup ads). The component is responisble for registering the Browser Helper Object into IE and keeping it registered. The module searchmaven.IEUpdate.dll by search maven has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
search maven  (signed and verified)

Version:
1.0.5394.39520

MD5:
688922b4af48dac8e64eafe4a849c521

SHA-1:
8cc13a9fa7455a3cfd2d7af5e7474fa5eafacbfc

SHA-256:
deef807e50ff3d4f6b7bb334897b135251c43721cb0924108ad8657031686ea1

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo distributed ad-supported web browser add-on for Internet Explorer.

Analysis date:
6/25/2025 6:11:21 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Yontoo (M)
17.3.13.8

File size:
654.8 KB (670,496 bytes)

Product version:
1.0.5394.39520

Original file name:
searchmaven.IEUpdate.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\search maven\bin\plugins\searchmaven.ieupdate.dll

Digital Signature
Signed by:
search maven

Authority:
VeriSign, Inc.

Valid from:
1/21/2014 9:00:00 PM

Valid to:
1/22/2015 8:59:59 PM

Subject:
CN=search maven, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=search maven, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7BCA3E790A2366A093345228DAE76C60

File PE Metadata
Compilation timestamp:
10/9/2014 2:57:24 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

.NET CLR dependent:
Yes

Entry address:
0xA38CA

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 70, 00, 00, 00, 0C, 39, 0A, 00, 0C, 1B, 0A, 00, 52, 53, 44, 53, 83, 02, 80, 67, CF, 5E, 7B, 4F, B4, 95, D1, C6, FA, 36, 0E, EB, 01, 00, 00, 00, 44, 3A, 5C, 55, 74, 69, 6C, 69, 74, 69, 65, 73, 5C, 6C, 61, 61, 35, 73, 77, 73, 76, 2E, 34, 77, 77, 5C, 44, 65, 73, 6B, 74, 6F, 70, 5C, 44, 65, 73, 6B...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
646.5 KB (662,016 bytes)

Remove searchmaven.IEUpdate.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.