home

jwdsrch.dll

JWord Plugin

JWord Inc.

It is installed within the context of Internet Explore as a URL search hook with the name ‘JWordPlugin’.
Publisher:
JWord Inc.  (signed and verified)

Product:
JWord Plugin

Description:
JWord Plugin Search

Version:
2, 0, 0, 9

MD5:
6565d43a84ce75a0d0c463cebaf91966

SHA-1:
16dd30422c609b243e0105b926e2bbf0a5e9333b

SHA-256:
864cdfad790d7db209188ac8ce3cd4f68f80d24b6d192381e17a1a6e576c3bfa

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/25/2024 9:42:48 PM UTC  (today)

Scan engine
Detection
Engine version

Panda Antivirus
Suspicious file
14.08.24.08

Prevx
Heuristic: Suspicious File With Bad Parent Associations
3.0.8

File size:
81.3 KB (83,288 bytes)

Product version:
2, 0, 0, 9

Copyright:
Copyright (C) 2000 - 2007 JWord Inc, All Rights Reserved.

Original file name:
jwdsrch.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\jword\plugin2\jwdsrch.dll

Digital Signature
Signed by:
JWord Inc.

Authority:
VeriSign, Inc.

Valid from:
2/5/2007 9:00:00 AM

Valid to:
2/6/2008 8:59:59 AM

Subject:
CN=JWord Inc., OU=R&D Department, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=JWord Inc., L=Shibuya-ku, S=Tokyo, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0FC5EB5EB505464CE598EC98578A4D8A

Registration
CLSID:
{2ACECADE-0BC7-4c6f-95CF-A221CC161B52}

ProgID:
QSearch.MyUrlSearchHook.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
6/25/2007 2:54:55 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:fhXVLBtoBNtpESqq70Z13JBMwPiDJIIlspZ:fhl3oDFqR13JBMwPiDjlk

Entry address:
0x8A1A

Entry point:
55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 57, 8B, 7D, 10, 85, F6, 75, 09, 83, 3D, EC, BC, 00, 10, 00, EB, 26, 83, FE, 01, 74, 05, 83, FE, 02, 75, 22, A1, F8, BC, 00, 10, 85, C0, 74, 09, 57, 56, 53, FF, D0, 85, C0, 74, 0C, 57, 56, 53, E8, 15, FF, FF, FF, 85, C0, 75, 04, 33, C0, EB, 4E, 57, 56, 53, E8, 30, D2, FF, FF, 83, FE, 01, 89, 45, 0C, 75, 0C, 85, C0, 75, 37, 57, 50, 53, E8, F1, FE, FF, FF, 85, F6, 74, 05, 83, FE, 03, 75, 26, 57, 56, 53, E8, E0, FE, FF, FF, 85, C0, 75, 03, 21, 45, 0C, 83, 7D, 0C, 00...
 
[+]

Entropy:
5.6417

Developed / compiled with:
Microsoft Visual C++ 6.0

Code size:
32 KB (32,768 bytes)

Internet Explorer URL Search Hook
Display name:
JWordPlugin

CLSID:
{2ACECADE-0BC7-4C6F-95CF-A221CC161B52}

CLSID name:
MyUrlSearchHook Class


Scan jwdsrch.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.