home

tmp00000062c544dce05c50e80d

MindSpark Search Assistant for Internet Explorer

Mindspark Interactive Network

The file tmp00000062c544dce05c50e80d, “MindSpark Search Assistant” by Mindspark Interactive Network has been detected as a potentially unwanted program by 7 anti-malware scanners.
Publisher:
MindSpark  (signed by Mindspark Interactive Network)

Product:
MindSpark Search Assistant for Internet Explorer

Description:
MindSpark Search Assistant

Version:
1, 2, 3, 5

MD5:
e3d365c60000066044387631303009c1

SHA-1:
ab48ec842842c4eb6e193be1430ae46ab0bd428c

SHA-256:
47d8c1b1701b32e91624be10592f84917548a9034d3c4f2ef4973ee927bd415e

Scanner detections:
7 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 2:35:15 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
Adware AdInstaller.FunWeb
2014.0.4040

Bkav FE
W32.Clod028.Trojan
1.3.0.4923

Dr.Web
Adware.MyWebSearch.47
9.0.1.05190

ESET NOD32
Win32/Toolbar.MyWebSearch.AC potentially unwanted application
7.0.302.0

nProtect
Adware/W32.Agent.62864
14.01.20.01

Reason Heuristics
PUP.MindsparkInteractiveNetwork.BB
14.10.22.14

VIPRE Antivirus
Threat.200876
33706

File size:
512 KB (524,288 bytes)

Product version:
1, 2, 3, 5

Copyright:
Copyright © 2009, 2010, 2011, 2012

Original file name:
t8SrcAs.DLL

Language:
English (United States)

Common path:
C:\windows\temp\tmp00000062c544dce05c50e80d

Digital Signature
Signed by:
Mindspark Interactive Network

Authority:
VeriSign, Inc.

Valid from:
5/31/2010 2:00:00 AM

Valid to:
5/7/2012 1:59:59 AM

Subject:
CN=Mindspark Interactive Network, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Mindspark Interactive Network, L=White Plains, S=NewYork, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
41730EB0E6D92A476E16628A0DBEFB36

File PE Metadata
Compilation timestamp:
1/20/2012 4:46:19 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:l/HYnD+yy5t91xG+L7ZCykebVOc5h8TVnzEs7++jMh+j:lgD+r++L7ZCyGB7+uMw

Entry address:
0x6B39

Entry point:
FF, 74, 24, 0C, FF, 74, 24, 0C, FF, 74, 24, 0C, E8, A1, D2, FF, FF, C2, 0C, 00, FF, 15, DC, 90, 00, 10, 33, C0, C3, A1, A8, BA, 00, 10, 56, 85, C0, 75, 13, FF, 74, 24, 08, 50, FF, 35, 48, BA, 00, 10, FF, 15, A4, 90, 00, 10, 5E, C3, 8B, 0D, AC, BA, 00, 10, 8B, 15, A4, BA, 00, 10, FF, 05, AC, BA, 00, 10, 23, D1, 8B, 34, 90, 8B, 44, 24, 08, 83, C0, 08, 50, 6A, 00, 56, FF, 15, A4, 90, 00, 10, 85, C0, 74, 07, 89, 30, 83, C0, 08, 5E, C3, 33, C0, 5E, C3, 8B, 44, 24, 04, 33, C9, 3B, C1, 75, 0B, FF, 74, 24, 08, E8...
 
[+]

Code size:
32 KB (32,768 bytes)

Remove tmp00000062c544dce05c50e80d - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.