home

14httpct.dll

HTTP Control

Mindspark Interactive Network

This library is part of the Mindspark toolbar which uses the Ask.com search property to install a web browser extension and modify the browser's search, home and new tab features in order to redirect web searches to the IAC property. The module 14httpct.dll, “TotalRecipeSearch" HTTP Control” by Mindspark Interactive Network has been detected as a potentially unwanted program by 7 anti-malware scanners.
Publisher:
TotalRecipeSearch  (signed by Mindspark Interactive Network)

Product:
HTTP Control

Description:
TotalRecipeSearch" HTTP Control

Version:
1, 0, 0, 12

MD5:
f0f2902d490328dbdcbd6f507f7ffee7

SHA-1:
5bc8c631063f72059a97e4fb2d902548cc2b2fae

Scanner detections:
7 / 68

Status:
Potentially unwanted

Explanation:
Part of the MyWebSearch/Mindspark/Ask web browser extension and toolbar.

Analysis date:
4/25/2024 10:14:51 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Mindspark-B [PUP]
2014.9-140723

AVG
AdInstaller.FunWeb
2015.0.3404

Baidu Antivirus
Adware.Win32.MyWebSearch
4.0.3.14927

ESET NOD32
Win32/Toolbar.MyWebSearch.AC potentially unwanted application
8.7.0.302.0

Panda Antivirus
Adware/WebSearch
14.09.27.01

Reason Heuristics
PUP.MindsparkInteractiveNetwork.I
14.8.8.2

VIPRE Antivirus
MyWebSearch.J
22592

File size:
84 KB (86,016 bytes)

Product version:
2, 3, 0, 0

Copyright:
Copyright © 2004-2010

Original file name:
14httpct.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\totalrecipesearch_14\bar\1.bin\14httpct.dll

Digital Signature
Signed by:
Mindspark Interactive Network

Authority:
VeriSign, Inc.

Valid from:
5/30/2010 8:00:00 PM

Valid to:
5/6/2012 7:59:59 PM

Subject:
CN=Mindspark Interactive Network, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Mindspark Interactive Network, L=White Plains, S=NewYork, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
41730EB0E6D92A476E16628A0DBEFB36

Registration
CLSID:
{895f3dbd-2484-4a14-a0ea-c3252ebb0ff7}

COM registered:
Yes

File PE Metadata
Compilation timestamp:
9/28/2010 7:20:49 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:BSYcHVL0ZZ0d1XJZgCQp6kmcpSjbqpOow/Sx0e+JSy3RcMeVkNb+1ebC90L3:BSBVLMKgCQpVmcfjxyRcM7++C90z

Entry address:
0x12D5

Entry point:
E9, D9, 58, 00, 00, E9, 9C, 4D, 00, 00, E9, DF, 0E, 00, 00, E9, B5, 45, 00, 00, E9, CA, 15, 00, 00, E9, B9, 71, 00, 00, E9, A8, 4C, 00, 00, E9, 32, 16, 00, 00, E9, 5E, 3A, 00, 00, E9, 07, 14, 00, 00, E9, B7, 4C, 00, 00, E9, 24, 5D, 00, 00, E9, 4D, 0C, 00, 00, E9, D2, 14, 00, 00, E9, 9C, 21, 00, 00, E9, 94, 3D, 00, 00, E9, 38, 3D, 00, 00, E9, 0A, 49, 00, 00, E9, E3, 2C, 00, 00, E9, CC, 59, 00, 00, E9, 19, 1C, 00, 00, E9, 06, 0E, 00, 00, E9, BA, 3E, 00, 00, E9, FA, 15, 00, 00, E9, 08, 3E, 00, 00, E9, 9C, 56...
 
[+]

Entropy:
5.3127

Developed / compiled with:
Microsoft Visual C++ 8.0 (Debug)

Code size:
48 KB (49,152 bytes)

Remove 14httpct.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.