{"id":5168,"date":"2015-03-02T20:21:52","date_gmt":"2015-03-02T20:21:52","guid":{"rendered":"http:\/\/www.freefixer.com\/b\/?p=5168"},"modified":"2015-03-09T20:22:14","modified_gmt":"2015-03-09T20:22:14","slug":"giner-tech-inc-hpnotify-exe-cmdshell-exe-protectservice-exe","status":"publish","type":"post","link":"https:\/\/www.freefixer.com\/b\/giner-tech-inc-hpnotify-exe-cmdshell-exe-protectservice-exe\/","title":{"rendered":"Giner Tech Inc – HPNotify.exe, CmdShell.exe and ProtectService.exe"},"content":{"rendered":"

Welcome! Just a short note on a publisher called Giner Tech Inc<\/strong>. Did you find some processes\u00a0called HPNotify.exe<\/a>, CmdShell.exe<\/a> or ProtectService.exe<\/a>, located in folder called XTab,\u00a0running in the Windows Task Manager?\"HPNotify.exe<\/a><\/p>\n

You can\u00a0view the digital signature for a file by looking at a file’s properties in Windows Explorer. Here’s a screenshot of the Giner Tech Inc<\/strong> certificate embedded in the CmdShell.exe file:<\/p>\n

\"Giner<\/a><\/p>\n

Giner Tech Inc seems to be located in Wilmington, Delaware, US according to the certificate.<\/p>\n

So what’s VirusTotal<\/a>‘s view on the Giner Tech Inc files? Avira detects ProtectService.exe as PUA\/SearchProtect.EH<\/strong>, Baidu-International reports PUA.Win32.ELEX.BM<\/strong>, K7GW calls it Trojan ( 004b5c571 )<\/strong>, Malwarebytes classifies it as PUP.Optional.XTab.A<\/strong> and Sophos detects it as Generic PUA JL<\/strong>. The detection rate is 46%.<\/p>\n

\"Giner<\/a><\/p>\n

Hope that helped you figure out what those files are about. Thank you for reading.<\/p>\n","protected":false},"excerpt":{"rendered":"

Welcome! Just a short note on a publisher called Giner Tech Inc. Did you find some processes\u00a0called HPNotify.exe, CmdShell.exe or ProtectService.exe, located in folder called XTab,\u00a0running in the Windows Task Manager? You can\u00a0view the digital signature for a file by looking at a file’s properties in Windows Explorer. Here’s a screenshot of the Giner Tech … Continue reading Giner Tech Inc – HPNotify.exe, CmdShell.exe and ProtectService.exe<\/span> →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[54],"tags":[510,511],"_links":{"self":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/5168"}],"collection":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/comments?post=5168"}],"version-history":[{"count":2,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/5168\/revisions"}],"predecessor-version":[{"id":5173,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/5168\/revisions\/5173"}],"wp:attachment":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/media?parent=5168"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/categories?post=5168"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/tags?post=5168"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}