» MediaWatchV1home5864.dll
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

MediaWatchV1home5864.dll

Media Watch home 5864

The module MediaWatchV1home5864.dll has been detected as adware by 27 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘MediaWatchV1home5864’. This file is typically installed with the program Media Watch by Adware.BetterSurf which is a potentially unwanted software program. BetterSurf is a program that comes with software bundlers that offer free applications and will add a plugin to Internet Explorer, Firefox, and Chrome which displays advertisements on websites and search engines. In addition it will redirct various web browsing to various malvertisng sites.

File name:

Product:

Media Watch home 5864

Description:

Media Watch

Version:

1.0.0.1

MD5:

418e9a66a578d1fb7e6ea217952657e6

SHA-1:

55361b688accca8bceae7b03d002066f4a4f9ddd

SHA-256:

f1129f09131dd899ddc2a49359fc7689165c4f746a4a6121bd59adf034afaea9

Scanner detections:

27 / 68

Status:

Adware

Explanation:

Installed with software bundlers that offer free applications or games and adds a plugin to Internet Explorer, Firefox, and Chrome and will display ads as the user browses the Internet, both in websites and on search engine results

Analysis date:

4/26/2024 6:34:47 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Graftor.125844

918

Agnitum Outpost

PUA.BetterSurf

7.1.1

Avira AntiVirus

ADWARE/Adware.Gen

7.11.140.114

AVG

Skodna.Generic_r

2015.0.3396

Baidu Antivirus

Adware.Win32.BetterSurf

4.0.3.14731

Bitdefender

Gen:Variant.Adware.Graftor.125844

1.0.20.1060

Comodo Security

Application.Win32.AdWare.BetterSurf.C

18028

Dr.Web

Adware.BetterSurf.2

9.0.1.0212

Emsisoft Anti-Malware

Gen:Variant.Adware.Graftor.125844

8.14.07.31.02

ESET NOD32

Win32/AdWare.BetterSurf (variant)

8.9620

F-Secure

Gen:Variant.Adware.Graftor.125844

11.2014-31-07_5

G Data

Gen:Variant.Adware.Graftor.125844

14.7.24

herdProtect (fuzzy)

variant of mediawatchv1home4357.dll (Adware)

2014.9.10.18

K7 AntiVirus

Unwanted-Program

13.176.11613

Kaspersky

not-a-virus:AdWare.Win32.BetterSurf

14.0.0.3477

Malwarebytes

PUP.Optional.MediaWatch.A

v2014.07.31.02

McAfee

Adware-BetterSurf

5600.7052

MicroWorld eScan

Gen:Variant.Adware.Graftor.125844

15.0.0.636

NANO AntiVirus

Riskware.Win32.BetterSurf.cvtdtw

0.28.0.58720

Panda Antivirus

Generic Malware

14.07.31.02

Qihoo 360 Security

HEUR/Malware.QVM30.Gen

1.0.0.1015

Reason Heuristics

Adware.MediaWatch.U

14.7.31.14

Rising Antivirus

PE:Malware.BetterSurf!6.11BF

23.00.65.14729

Sophos

BetterSurf

4.98

Trend Micro House Call

TROJ_GEN.R08NC0ECV14

7.2.212

Trend Micro

TROJ_GEN.R08NC0ECV14

10.465.31

VIPRE Antivirus

BetterSurf

27916

File size:

85 KB (87,040 bytes)

Product version:

1.0.0.1

Original file name:

MediaWatchV1home5864.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\mediawatchv1\mediawatchv1home5864\ie\mediawatchv1home5864.dll

File PE Metadata

Compilation timestamp:

3/20/2014 11:29:04 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

1536:j8/1CsEmka04RhRtahrOb8DkhhvHA9glQyxW5Z:M12mka0ElahrO1vguayxK

Entry address:

0x7A77

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 3B, 38, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 68, D8, EF, 00, 10, FF, 15, 5C, E0, 00, 10, 85, C0, 74, 15, 68, C8, EF, 00, 10, 50, FF, 15, 60, E0, 00, 10, 85, C0, 74, 05, FF, 75, 08, FF, D0, 5D, C3, 8B, FF, 55, 8B, EC, FF, 75, 08, E8, C8, FF, FF, FF, 59, FF, 75, 08, FF, 15, D4, E0, 00, 10, CC, 6A, 08, E8, 57, 3D, 00, 00, 59, C3, 6A, 08, E8, 75, 3C, 00, 00, 59, C3, 8B, FF, 56, E8, 0F, 19, 00, 00... 
[+]

Entropy:

6.1072

Code size:

49 KB (50,176 bytes)

Internet Explorer BHO

Display name:

MediaWatchV1home5864

CLSID:

{2c576a2b-4264-4243-bcfb-98764eb98e36}

CLSID name:

Media Watch

The file MediaWatchV1home5864.dll has been discovered within the following program.

Media Watch by Adware.BetterSurf

Media Watch is an advertising supported application that injects ads in the user's web browser. It uses a cross-framework browser extension to overwrite and include banner and text-link ads.

84% remove it

Remove MediaWatchV1home5864.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.