» NPagEISb.DLL
Overview
Analysis
File Details

NPagEISb.DLL

PremierDownloadManager Installer Plugin Stub

Mindspark Interactive Network

This library is part of the Mindspark toolbar which uses the Ask.com search property to install a web browser extension and modify the browser's search, home and new tab features in order to redirect web searches to the IAC property. The module NPagEISb.DLL, “PremierDownloadManager Installer Plugin Stub for 32-bit Windows” by Mindspark Interactive Network has been detected as a potentially unwanted program by 9 anti-malware scanners.

File name:

NPagEISb.DLL

Publisher:

PremierDownloadManager (signed by Mindspark Interactive Network)

Product:

PremierDownloadManager Installer Plugin Stub

Description:

PremierDownloadManager Installer Plugin Stub for 32-bit Windows

Version:

1,2,11,2

MD5:

f18e65acb0f14d6c514b878221b16cc3

SHA-1:

8764b4dfadb2e4d2e8e983827a145b088b0fe387

SHA-256:

26868787bb05a9872d04328696c82b54c4afd8c5b3f0e527f4379ddb76c2c477

Scanner detections:

9 / 68

Status:

Potentially unwanted

Explanation:

Part of the MyWebSearch/Mindspark/Ask web browser extension and toolbar.

Analysis date:

4/19/2024 4:27:56 PM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Mindspark-A [PUP]

140813-1

AVG

Adware Zango

2014.0.4015

Baidu Antivirus

PUA.Win32.MyWebSearch

4.0.3.1491

Dr.Web

Adware.MyWebSearch.50

9.0.1.05190

ESET NOD32

Win32/Toolbar.MyWebSearch.AI (variant)

8.10345

NANO AntiVirus

Riskware.Win32.WebSearch.dedjrz

0.28.2.61861

Panda Antivirus

Adware/WebSearch

14.09.01.04

Reason Heuristics

PUP.Installer.MindsparkInteractiveNetwork.I

14.9.1.3

VIPRE Antivirus

Threat.200876

32210

File size:

46.4 KB (47,512 bytes)

Product version:

1,2,11,2

Original file name:

NPagEISb.DLL

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\premierdownloadmanager_agei\installr\1.bin\npageisb.dll

Digital Signature

Signed by:

Mindspark Interactive Network

Authority:

VeriSign, Inc.

Valid from:

4/10/2012 1:00:00 AM

Valid to:

5/7/2015 12:59:59 AM

Subject:

CN=Mindspark Interactive Network, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Mindspark Interactive Network, L=White Plains, S=NewYork, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

098417F7EA6406EC7B320590E17A65B7

File PE Metadata

Compilation timestamp:

11/19/2013 8:58:37 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

10.0

CTPH (ssdeep):

768:VmudPMi5p/I17DuQhzNGnEEDaIHovyN9mmYjOR3:k2oD3KRXXGOR3

Entry address:

0x1517

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 92, 16, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 5D, E9, 5E, 08, 00, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 40, 9C, 00, 10, 89, 0D, 3C, 9C, 00, 10, 89, 15, 38, 9C, 00, 10, 89, 1D, 34, 9C, 00, 10, 89, 35, 30, 9C, 00, 10, 89, 3D, 2C, 9C, 00, 10, 66, 8C, 15, 58, 9C, 00, 10, 66, 8C, 0D, 4C, 9C, 00, 10, 66, 8C, 1D, 28, 9C, 00, 10, 66, 8C, 05, 24, 9C, 00, 10, 66, 8C, 25, 20, 9C, 00, 10, 66... 
[+]

Entropy:

6.0635

Code size:

19 KB (19,456 bytes)

Remove NPagEISb.DLL - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.