» gtreghk.dll
Overview
Analysis
File Details
Programs (10)

gtreghk.dll

Mindspark Toolbar Platform for Internet Explorer

Mindspark Interactive Network

This library is part of the Mindspark toolbar which uses the Ask.com search property to install a web browser extension and modify the browser's search, home and new tab features in order to redirect web searches to the IAC property. The module gtreghk.dll, “Mindspark Toolbar Platform” by Mindspark Interactive Network has been detected as a potentially unwanted program by 16 anti-malware scanners. Additionally, the file is typically installed by a number of programs including MapsGalaxy Internet Explorer Toolbar by Mindspark Interactive Network and VerifiedVPN Internet Explorer Toolbar by Mindspark Interactive Network, both potentially unwanted software.

File name:

gtreghk.dll

Publisher:

Mindspark (signed by Mindspark Interactive Network)

Product:

Mindspark Toolbar Platform for Internet Explorer

Description:

Mindspark Toolbar Platform

Version:

1.0.7.205

MD5:

d2afbb79efdb9acea481fc2e6b79d67d

SHA-1:

42bf9091c84053cb7eef430e6ae5e177ec129fb3

SHA-256:

809d7327c1698f52231ee82061910192ae166339d59609b43657c2b4d686340f

Scanner detections:

16 / 68

Status:

Potentially unwanted

Explanation:

Part of the MyWebSearch/Mindspark/Ask web browser extension and toolbar.

Analysis date:

4/19/2024 12:56:19 PM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

PUP/Win32.MyWebSearch

2014.10.24

avast!

Win32:Mindspark-A [PUP]

2014.9-140829

AVG

Zango

2015.0.3367

Baidu Antivirus

Adware.Win32.MyWebSearch

4.0.3.14829

ESET NOD32

Win32/Toolbar.MyWebSearch.AE (variant)

8.10279

Fortinet FortiGate

Riskware/MyWebSearch

8/29/2014

G Data

Win32.Adware.Mindspark

15.1.24

Kaspersky

not-a-virus:WebToolbar.Win32.MyWebSearch

14.0.0.3332

Malwarebytes

PUP.Optional.MindSpark.A

v2014.08.29.03

McAfee

Artemis!D2AFBB79EFDB

5600.7023

Panda Antivirus

Adware/WebSearch

14.08.29.03

Qihoo 360 Security

Win32/Virus.WebToolbar.30b

1.0.0.1015

Reason Heuristics

PUP.Toolbar.MindsparkInteractiveNetwork.H

14.8.29.15

Trend Micro House Call

Suspicious_GEN.F47V0812

7.2.241

VIPRE Antivirus

MyWebSearch.J

32348

Zillya! Antivirus

Adware.MyWebSearch.Win32.1334

2.0.0.1966

File size:

79.1 KB (80,968 bytes)

Product version:

2.5.15.0

Original file name:

t8reghk.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\gamingwonderland\bar\1.bin\gtreghk.dll

Digital Signature

Signed by:

Mindspark Interactive Network

Authority:

VeriSign, Inc.

Valid from:

4/9/2012 8:00:00 PM

Valid to:

5/6/2015 7:59:59 PM

Subject:

CN=Mindspark Interactive Network, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Mindspark Interactive Network, L=White Plains, S=NewYork, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

098417F7EA6406EC7B320590E17A65B7

File PE Metadata

Compilation timestamp:

7/24/2014 8:11:58 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

1536:FeZJsAa5ehdwI9Z11XePz03k6ToYOBueGZxnV5gWtOGb:MZA5eP/1XU0zEYOBueGZxnV5gWz

Entry address:

0x5CD7

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 61, 21, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 56, 8B, F1, C6, 46, 0C, 00, 85, C0, 75, 63, E8, BC, 15, 00, 00, 89, 46, 08, 8B, 48, 6C, 89, 0E, 8B, 48, 68, 89, 4E, 04, 8B, 0E, 3B, 0D, 40, 19, 01, 10, 74, 12, 8B, 0D, F8, 16, 01, 10, 85, 48, 70, 75, 07, E8, 4D, 2B, 00, 00, 89, 06, 8B, 46, 04, 3B, 05, 00, 16, 01, 10, 74, 16, 8B, 46, 08, 8B, 0D, F8, 16, 01, 10, 85, 48, 70, 75, 08, E8, AC... 
[+]

Entropy:

6.4214

Code size:

44.5 KB (45,568 bytes)

The file gtreghk.dll has been discovered within the following programs.

Allin1Convert Internet Explorer Toolbar by Mindspark Interactive Network

Functionality of the toolbar includes: - Changing the web browser's default home page to MyWebSearch.com. - Changing the browser's search provider, built-in search box to MyWebSearch.com. - Ability to modify the 'new tab' functionality to launch the modified search portal page.

support.mindspark.com

64% remove it

APlusGamer Internet Explorer Toolbar by Mindspark Interactive Network

This ad-supported toolbar installs a Mindspark branded Ask.com Toolbar in the user's Internet browsers. The software will modify the browser by changing the homepage and search provider to an Ask.com partner landing page. With this, it will display Ask.

70% remove it

Astrology Internet Explorer Toolbar by Mindspark Interactive Network

This Mindspark toolbar for IE may modify the web browser's homepage and search provider to ask.com as well as change a number of the security settings of the browser. These changes will allow it to perform additional ad-supported functions in the browser.

62% remove it

CursorMania Internet Explorer Toolbar by Mindspark Interactive Network

From the Terms of Service: "As part of the download process for the Toolbar, you may be given the option to reset your Internet browser's homepage to an Ask homepage product and/or reset your new tab page to an Ask new tab product.

70% remove it

Elite Unzip Internet Explorer Toolbar by Mindspark Interactive Network

Publisher's description - “The Toolbar, in the course of processing a given search query, sends a request to our servers.”

64% remove it

HeadlineAlley Internet Explorer Toolbar by Mindspark Interactive Network

HeadlineAlley is a Mindspark web browser toolbar that is designed to modify the users search and home pages to Ask.com (or MyWebSearch).

63% remove it

HomeworkSimplified Internet Explorer Toolbar by Mindspark Interactive Network

Installs a potentailly unwanted Ask.com powered toolbr - "As part of the download process for the Toolbar, you may be given the option to reset your homepage and/or reset your new tab page to an Ask® home page and new tab product.

71% remove it

HowToSimplified Internet Explorer Toolbar by Mindspark Interactive Network

Publisher's description - “The My Web Search Toolbar, in the course of processing a given search query, sends a request to our servers.”

74% remove it

InboxAce Internet Explorer Toolbar by Mindspark Interactive Network

This is a web browser extension/toolbar that will modify the user's home page and search provider to Ask.com.

70% remove it

Internet Speed Tracker Internet Explorer Toolbar by Mindspark Interactive Network

Publisher's description - “Certain versions of the Toolbar may include features of or links to one or more of Mindspark's FunWebProducts™ suite of websites and applications or other Mindspark- or Mindspark affiliate-provided websites or products.”

69% remove it

Latest 20 of 20 programs

Remove gtreghk.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.