» gthighin.exe
Overview
Analysis
File Details
Programs (10)

gthighin.exe

Mindspark Toolbar Platform for Internet Explorer

Mindspark Interactive Network

The application gthighin.exe, “Mindspark Toolbar Platform” by Mindspark Interactive Network has been detected as a potentially unwanted program by 11 anti-malware scanners. Additionally, the file is typically installed by a number of programs including MapsGalaxy Internet Explorer Toolbar by Mindspark Interactive Network and TranslationBuddy Internet Explorer Toolbar by Mindspark Interactive Network, both potentially unwanted software. This version of the file will bundle a Mindspark/MyWebSearch Toolbar, a potentially unwanted web browser extension.

File name:

gthighin.exe

Publisher:

Mindspark (signed by Mindspark Interactive Network)

Product:

Mindspark Toolbar Platform for Internet Explorer

Description:

Mindspark Toolbar Platform

Version:

1.0.7.205

MD5:

1c86678ebf794d7c48ac6e2a663d4d46

SHA-1:

969954e856f4a7ff538fafbc989668c610d38ca3

SHA-256:

d986bdc6caa8e21bcedb82733471169f975871a9be33bce1b6cfb8b388f1408b

Scanner detections:

11 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 10:43:58 AM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Mindspark-A [PUP]

2014.9-140829

AVG

Zango

2015.0.3367

Baidu Antivirus

Adware.Win32.MyWebSearch

4.0.3.14829

Fortinet FortiGate

Riskware/MyWebSearch

8/29/2014

Kaspersky

not-a-virus:WebToolbar.Win32.MyWebSearch

14.0.0.3332

Malwarebytes

PUP.Optional.MindSpark

v2014.08.29.02

Panda Antivirus

Adware/WebSearch

14.08.29.02

Reason Heuristics

Plugin.MyWebSearch.Toolbar.I

14.8.29.14

Rising Antivirus

PE:Trojan.Win32.Generic.172E74DD!388920541

23.00.65.14827

Trend Micro House Call

Suspicious_GEN.F47V0812

7.2.241

VIPRE Antivirus

MyWebSearch.J

32630

File size:

13.1 KB (13,384 bytes)

Product version:

2.5.15.0

Original file name:

t8HighIn.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\gamingwonderland\bar\1.bin\gthighin.exe

Digital Signature

Signed by:

Mindspark Interactive Network

Authority:

VeriSign, Inc.

Valid from:

4/9/2012 8:00:00 PM

Valid to:

5/6/2015 7:59:59 PM

Subject:

CN=Mindspark Interactive Network, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Mindspark Interactive Network, L=White Plains, S=NewYork, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

098417F7EA6406EC7B320590E17A65B7

File PE Metadata

Compilation timestamp:

7/24/2014 8:13:41 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

192:dfxID8GIwWeZEWunYe+PjPh+rO4dj+vyge8r9ZCspE+TMYrg30:hCD8GIwWeZEWunYPLhHuVteMs

Entry address:

0x103B

Entry point:

55, 8B, EC, B8, 50, 81, 00, 00, E8, 68, 02, 00, 00, 53, 56, 57, FF, 15, 0C, 20, 40, 00, 32, D2, 8A, 08, 80, F9, 20, 7F, 08, 84, C9, 74, 11, 84, D2, 74, 0D, 80, F9, 22, 75, 05, 84, D2, 0F, 94, C2, 40, EB, E4, 8A, 08, 84, C9, 74, 08, 80, F9, 20, 7F, 03, 40, EB, F2, 8D, 8D, B0, 7E, FF, FF, 8B, D0, 8B, C1, 33, FF, BE, 00, 80, 00, 00, 2B, D0, 8D, 86, FE, 7F, FF, 7F, 85, C0, 74, 0D, 8A, 04, 0A, 84, C0, 74, 06, 88, 01, 41, 4E, 75, E9, 85, F6, 75, 06, 49, BF, 7A, 00, 07, 80, C6, 01, 00, 89, 7D, FC, 85, FF, 0F, 88... 
[+]

Entropy:

6.4278

Developed / compiled with:

Microsoft Visual C++

Code size:

1024 Bytes (1,024 bytes)

The file gthighin.exe has been discovered within the following programs.

Allin1Convert Internet Explorer Toolbar by Mindspark Interactive Network

Functionality of the toolbar includes: - Changing the web browser's default home page to MyWebSearch.com. - Changing the browser's search provider, built-in search box to MyWebSearch.com. - Ability to modify the 'new tab' functionality to launch the modified search portal page.

support.mindspark.com

64% remove it

APlusGamer Internet Explorer Toolbar by Mindspark Interactive Network

This ad-supported toolbar installs a Mindspark branded Ask.com Toolbar in the user's Internet browsers. The software will modify the browser by changing the homepage and search provider to an Ask.com partner landing page. With this, it will display Ask.

70% remove it

Astrology Internet Explorer Toolbar by Mindspark Interactive Network

This Mindspark toolbar for IE may modify the web browser's homepage and search provider to ask.com as well as change a number of the security settings of the browser. These changes will allow it to perform additional ad-supported functions in the browser.

62% remove it

CursorMania Internet Explorer Toolbar by Mindspark Interactive Network

From the Terms of Service: "As part of the download process for the Toolbar, you may be given the option to reset your Internet browser's homepage to an Ask homepage product and/or reset your new tab page to an Ask new tab product.

70% remove it

DictionaryBoss Internet Explorer Toolbar by Mindspark Interactive Network

Installs a potentailly unwanted Ask.com powered toolbr - "As part of the download process for the Toolbar, you may be given the option to reset your homepage and/or reset your new tab page to an Ask® home page and new tab product.

71% remove it

Elite Unzip Internet Explorer Toolbar by Mindspark Interactive Network

Publisher's description - “The Toolbar, in the course of processing a given search query, sends a request to our servers.”

64% remove it

HeadlineAlley Internet Explorer Toolbar by Mindspark Interactive Network

HeadlineAlley is a Mindspark web browser toolbar that is designed to modify the users search and home pages to Ask.com (or MyWebSearch).

63% remove it

HomeworkSimplified Internet Explorer Toolbar by Mindspark Interactive Network

Publisher's description - “The My Web Search Toolbar, in the course of processing a given search query, sends a request to our servers.”

71% remove it

HowToSimplified Internet Explorer Toolbar by Mindspark Interactive Network

74% remove it

InboxAce Internet Explorer Toolbar by Mindspark Interactive Network

This is a web browser extension/toolbar that will modify the user's home page and search provider to Ask.com.

70% remove it

Latest 20 of 20 programs

Remove gthighin.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.