home

mwsbar.dll

The module mwsbar.dll has been detected as adware by 3 anti-malware scanners.
MD5:
2d5130f2c41418590ae845257217dd2d

SHA-1:
2e3f6aa26a3362f3e88ac61f5076cf5ba07d7e5a

SHA-256:
3feac8e3de2bacd2e385bdd7ee51c3500cdeb282ddfb7902d5cd19df847225c0

Scanner detections:
3 / 68

Status:
Adware

Explanation:
Part of the MyWebSearch/Mindspark/Ask web browser extension and toolbar.

Analysis date:
4/26/2024 1:58:37 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Drop.Softomat.AN
7.11.30.172

Reason Heuristics
PUP.MyWebSearch.G
14.11.21.23

SUPERAntiSpyware
Trojan.Agent/Gen-Nullo[Short]
10223

File size:
805.5 KB (824,840 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\mywebsearch\bar\3.bin\mwsbar.dll

Registration
CLSID:
{53CED2D0-5E9A-4761-9005-648404E6F7E5}

ProgID:
MyWebSearchToolBar.ToolbarPlugin.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
10/14/2011 2:12:54 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:2CYNgdvFWvNTTR6JWAbQH3D5KW5Gp0zfrdlDG03kqfx8:27ad0vNM0AcAW00zzfG/C8

Entry address:
0x25E27

Entry point:
FF, 74, 24, 0C, FF, 74, 24, 0C, FF, 74, 24, 0C, E8, 2E, E0, FE, FF, C2, 0C, 00, FF, 15, C0, F1, 04, 10, 33, C0, C3, A1, 78, C2, 05, 10, 56, 85, C0, 75, 13, FF, 74, 24, 08, 50, FF, 35, 18, C2, 05, 10, FF, 15, 80, F1, 04, 10, 5E, C3, 8B, 0D, 7C, C2, 05, 10, 8B, 15, 74, C2, 05, 10, FF, 05, 7C, C2, 05, 10, 23, D1, 8B, 34, 90, 8B, 44, 24, 08, 83, C0, 08, 50, 6A, 00, 56, FF, 15, 80, F1, 04, 10, 85, C0, 74, 07, 89, 30, 83, C0, 08, 5E, C3, 33, C0, 5E, C3, 8B, 44, 24, 04, 0F, AF, 44, 24, 08, 50, E8, 9D, FF, FF, FF...
 
[+]

Entropy:
6.1259

Code size:
312 KB (319,488 bytes)

Remove mwsbar.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.