home

u4EIPlug.DLL

Guffins Installer Plugin

Guffins

The module u4EIPlug.DLL, “Guffins Installer Plugin for 32-bit Windows” has been detected as a potentially unwanted program by 13 anti-malware scanners.
Publisher:
Guffins

Product:
Guffins Installer Plugin

Description:
Guffins Installer Plugin for 32-bit Windows

Version:
1, 1, 0, 4

MD5:
ffc609564b92d620e600014cc2c6b1ba

SHA-1:
65fc1aa8b99ae07715fdfc7eeb112137a3674779

Scanner detections:
13 / 68

Status:
Potentially unwanted

Explanation:
Part of the MyWebSearch/Mindspark/Ask web browser extension and toolbar.

Analysis date:
4/25/2024 12:13:43 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Skodna.Generic
2015.0.3405

Baidu Antivirus
Adware.Win32.MyWebSearch
4.0.3.14722

Clam AntiVirus
Adware.Funweb-11
0.98/18155

ESET NOD32
Win32/Toolbar.MyWebSearch
8.9066

Kaspersky
not-a-virus:WebToolbar.Win32.MyWebSearch
14.0.0.3522

McAfee
Artemis!FFC609564B92
5600.7061

NANO AntiVirus
Riskware.Win32.WebFun.gdskw
0.28.0.56316

Reason Heuristics
PUP.Installer.Guffins.I
14.7.22.13

Sophos
Generic PUA GF
4.94

Total Defense
Win32/BHO.MyWebSearch
37.0.10498

Trend Micro House Call
TROJ_GEN.RFFFH01H313
7.2.203

Vba32 AntiVirus
AdWare.FunWeb
3.12.24.3

VIPRE Antivirus
MyWebSearch Toolbar (not malicious)
23516

File size:
48.1 KB (49,256 bytes)

Product version:
2, 3, 0, 0

Copyright:
Copyright © 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010

Original file name:
u4EIPlug.DLL

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\guffinsei\installr\1.bin\u4eiplug.dll

File PE Metadata
Compilation timestamp:
9/29/2010 10:07:27 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:kCvtuQabCzQLWOvsmPw7jpVKAwLpN3Y0O+ps2reDEpJTuJ6c:kmtuQ2CzUALwLg+pRpJTuAc

Entry address:
0x2D52

Entry point:
FF, 74, 24, 0C, FF, 74, 24, 0C, FF, 74, 24, 0C, E8, 34, 24, 00, 00, C2, 0C, 00, 68, 50, 92, 00, 10, FF, 15, 30, 70, 00, 10, 68, 14, 90, 00, 10, 68, 00, 90, 00, 10, E8, 03, 00, 00, 00, 59, 59, C3, 56, 8B, 74, 24, 08, 3B, 74, 24, 0C, 73, 0D, 8B, 06, 85, C0, 74, 02, FF, D0, 83, C6, 04, EB, ED, 5E, C3, A1, 70, 92, 00, 10, 85, C0, 74, 2F, 8B, 0D, 6C, 92, 00, 10, 56, 8D, 71, FC, 3B, F0, 72, 12, 8B, 0E, 85, C9, 74, 07, FF, D1, A1, 70, 92, 00, 10, 83, EE, 04, EB, EA, 50, E8, 69, 00, 00, 00, 83, 25, 70, 92, 00, 10...
 
[+]

Entropy:
4.3478

Code size:
24 KB (24,576 bytes)

Remove u4EIPlug.DLL - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.