home

NPgtEISb.DLL

GamingWonderland Installer Plugin Stub

Mindspark Interactive Network

This library is part of the Mindspark toolbar which uses the Ask.com search property to install a web browser extension and modify the browser's search, home and new tab features in order to redirect web searches to the IAC property. The module NPgtEISb.DLL, “GamingWonderland Installer Plugin Stub for 32-bit Windows” by Mindspark Interactive Network has been detected as a potentially unwanted program by 19 anti-malware scanners.
Publisher:
GamingWonderland  (signed by Mindspark Interactive Network)

Product:
GamingWonderland Installer Plugin Stub

Description:
GamingWonderland Installer Plugin Stub for 32-bit Windows

Version:
1,2,11,2

MD5:
0373e7a02555e4921ec314443e61ef8e

SHA-1:
3ffbb74f9701d2cbb3c1eebca53ee035d47a993b

SHA-256:
848bea3bbd3c821b07a68606175ef4053bb30a39264fbe3a3aa69315f00487d9

Scanner detections:
19 / 68

Status:
Potentially unwanted

Explanation:
Part of the MyWebSearch/Mindspark/Ask web browser extension and toolbar.

Analysis date:
4/24/2024 3:26:34 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
PUA.Toolbar.MyWebSearch
7.1.1

AhnLab V3 Security
Adware/Win32.MyWebSearch
2013.06.26

avast!
Win32:Mindspark-A [PUP]
2014.9-140901

AVG
Zango
2015.0.3365

Baidu Antivirus
PUA.Win32.MyWebSearch
4.0.3.1491

Bkav FE
W32.Clod4bb.Trojan
1.3.0.4246

Clam AntiVirus
Win.Adware.Downware-476
0.98/213

Dr.Web
Adware.MyWebSearch.50
9.0.1.0244

ESET NOD32
Win32/Toolbar.MyWebSearch.AI (variant)
8.10337

Fortinet FortiGate
Riskware/MyWebSearch
9/1/2014

IKARUS anti.virus
AdWare.Win32.Toolbar
t3scan.1.6.1.0

Kaspersky
not-a-virus:WebToolbar.Win32.MyWebSearch
14.0.0.3320

NANO AntiVirus
Riskware.Win32.WebSearch.dedjrz
0.28.2.61861

Panda Antivirus
Adware/WebSearch
14.09.01.12

Qihoo 360 Security
Win32/Virus.WebToolbar.6a1
1.0.0.1015

Reason Heuristics
PUP.Installer.MindsparkInteractiveNetwork.I
14.9.1.0

Rising Antivirus
PE:Malware.MyWebSearch!6.3F3
23.00.65.14830

Trend Micro House Call
TROJ_GEN.F47V0718
7.2.244

VIPRE Antivirus
MyWebSearch.J
32658

File size:
46.4 KB (47,496 bytes)

Product version:
1,2,11,2

Copyright:
Copyright © 2005, 2006, 2007, 2008, 2009

Original file name:
NPgtEISb.DLL

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\gamingwonderlandei\installr\1.bin\npgteisb.dll

Digital Signature
Signed by:
Mindspark Interactive Network

Authority:
VeriSign, Inc.

Valid from:
4/10/2012 10:00:00 AM

Valid to:
5/7/2015 9:59:59 AM

Subject:
CN=Mindspark Interactive Network, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Mindspark Interactive Network, L=White Plains, S=NewYork, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
098417F7EA6406EC7B320590E17A65B7

File PE Metadata
Compilation timestamp:
11/20/2013 6:58:37 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
768:pmudPMi5p/I17DuQhzNGnEEDaOovyNDHmdjOZc:g2oD3KHJGBOa

Entry address:
0x1517

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 92, 16, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 5D, E9, 5E, 08, 00, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 40, 9C, 00, 10, 89, 0D, 3C, 9C, 00, 10, 89, 15, 38, 9C, 00, 10, 89, 1D, 34, 9C, 00, 10, 89, 35, 30, 9C, 00, 10, 89, 3D, 2C, 9C, 00, 10, 66, 8C, 15, 58, 9C, 00, 10, 66, 8C, 0D, 4C, 9C, 00, 10, 66, 8C, 1D, 28, 9C, 00, 10, 66, 8C, 05, 24, 9C, 00, 10, 66, 8C, 25, 20, 9C, 00, 10, 66...
 
[+]

Entropy:
6.0593

Code size:
19 KB (19,456 bytes)

Remove NPgtEISb.DLL - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.