pluginservice.exe

IePlugin control

Thinknice Co. Limited

The application pluginservice.exe by Thinknice Co. Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a separate (within the context of its own process) windows Service named “IePlugin Services”. This file is typically installed with the program SupTab by Thinknice Co. Limited which is a potentially unwanted software program.
Publisher:
Cherished Technololgy LIMITED  (signed by Thinknice Co. Limited)

Product:
IePlugin control

Description:
IePlugin Service

Version:
13.27.0.301

MD5:
3a13cffc1233add8f2fafe33be14fad4

SHA-1:
305e899ab712490138acf6f6a36ba3ab8f92162d

SHA-256:
eb959c987f06ec63224fa77d6bbcdd04c525dc3d91323f243a2948171815128d

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 11:26:10 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Thinknice (M)
17.2.2.3

File size:
687.6 KB (704,112 bytes)

Product version:
13.27.0.301

Copyright:
Copyright (C) 2013

Original file name:
IePluginService.exe

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\ProgramData\iepluginservices\pluginservice.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
11/26/2013 12:34:13 AM

Valid to:
11/27/2014 12:34:13 AM

Subject:
CN=Thinknice Co. Limited, O=Thinknice Co. Limited, L=HongKong, S=HongKong, C=HK

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11218A5EF69A65044FE28125681D829B5EFE

File PE Metadata
Compilation timestamp:
5/8/2014 5:02:40 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

Entry address:
0x24B68

Entry point:
E8, EF, C8, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, 58, E9, 46, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, 00, A9, 46, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, 58, E9, 46, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03, 00...
 
[+]

Entropy:
5.6803

Code size:
347 KB (355,328 bytes)

Service
Display name:
IePlugin Services

Service name:
IePluginServices

Description:
IePlugin services

Type:
Win32OwnProcess

Group:
SchedulerGroup


The file pluginservice.exe has been discovered within the following program.

SupTab  by Thinknice Co. Limited
SupTab is an web browser advertisement injection extension that is designed with the core purpose of delivering ads to the user's web browser. Ads are in the form of banners (both static and videos) as well as context-hyper links.
80% remove it
 
Powered by Should I Remove It?

Remove pluginservice.exe - Powered by Reason Core Security