home

14RegIET.dll

TotalRecipeSearch for Internet Explorer and Firefox

Mindspark Interactive Network

This library is part of the Mindspark toolbar which uses the Ask.com search property to install a web browser extension and modify the browser's search, home and new tab features in order to redirect web searches to the IAC property. The module 14RegIET.dll, “TotalRecipeSearch” by Mindspark Interactive Network has been detected as a potentially unwanted program by 12 anti-malware scanners.
Publisher:
TotalRecipeSearch  (signed by Mindspark Interactive Network)

Product:
TotalRecipeSearch for Internet Explorer and Firefox

Description:
TotalRecipeSearch

Version:
1, 0, 0, 1

MD5:
fa083bc3c489974b79b61068ca914b6b

SHA-1:
649eff28c5de3850e8a6013768306c905e1ac56f

Scanner detections:
12 / 68

Status:
Potentially unwanted

Explanation:
Part of the MyWebSearch/Mindspark/Ask web browser extension and toolbar.

Analysis date:
4/25/2024 11:18:47 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

avast!
Win32:FunWeb-F
2014.9-140723

AVG
AdInstaller.FunWeb
2015.0.3404

Bitdefender
Trojan.Generic.9094761
1.0.20.1270

Dr.Web
Trojan.PWS.Spy.17166
9.0.1.0254

Emsisoft Anti-Malware
Trojan.Generic.9094761
8.14.09.11.07

F-Secure
Trojan.Generic.9094761
11.2014-11-09_5

G Data
Trojan.Generic.9094761
14.9.22

IKARUS anti.virus
Trojan.SuspectCRC
t3scan.2.0.127

McAfee
Artemis!7FD338B62992
5600.7010

MicroWorld eScan
Trojan.Generic.9094761
15.0.0.762

Reason Heuristics
PUP.MindsparkInteractiveNetwork.I
14.8.8.2

VIPRE Antivirus
MyWebSearch.J
22588

File size:
44 KB (45,056 bytes)

Product version:
2, 3, 0, 0

Copyright:
Copyright © 2010

Original file name:
14RegIET.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\totalrecipesearch_14\bar\1.bin\14regiet.dll

Digital Signature
Signed by:
Mindspark Interactive Network

Authority:
VeriSign, Inc.

Valid from:
5/30/2010 8:00:00 PM

Valid to:
5/6/2012 7:59:59 PM

Subject:
CN=Mindspark Interactive Network, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Mindspark Interactive Network, L=White Plains, S=NewYork, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
41730EB0E6D92A476E16628A0DBEFB36

File PE Metadata
Compilation timestamp:
2/10/2011 8:18:57 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
384:vop7JkDVwnUXGXde580c/1JZyXruK7ZH3Ipg8YoZ8f2Kmx0iLiuzx0bCf1qMYJLm:wRY8NNAB7ZH3BZLfhmx0VuqbC90Lm

Entry address:
0x10B9

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 56, 8B, 75, 08, 75, 0B, 89, 35, F4, 64, 00, 10, E8, 20, 00, 00, 00, FF, 75, 10, FF, 75, 0C, 56, E8, 3D, 12, 00, 00, 83, 7D, 0C, 00, 8B, F0, 75, 05, E8, 3E, 00, 00, 00, 8B, C6, 5E, 5D, C2, 0C, 00, 68, D0, 64, 00, 10, FF, 15, C8, 50, 00, 10, 68, 10, 60, 00, 10, 68, 00, 60, 00, 10, E8, 03, 00, 00, 00, 59, 59, C3, 56, 8B, 74, 24, 08, 3B, 74, 24, 0C, 73, 0D, 8B, 06, 85, C0, 74, 02, FF, D0, 83, C6, 04, EB, ED, 5E, C3, A1, F0, 64, 00, 10, 85, C0, 74, 2F, 8B, 0D, EC, 64, 00, 10, 56, 8D...
 
[+]

Entropy:
4.8685

Developed / compiled with:
Microsoft Visual C++

Code size:
16 KB (16,384 bytes)

Remove 14RegIET.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.