» gtdlghk64.dll
Overview
Analysis
File Details
Programs (10)

gtdlghk64.dll

Mindspark Toolbar Platform for Internet Explorer

Mindspark Interactive Network

This library is part of the Mindspark toolbar which uses the Ask.com search property to install a web browser extension and modify the browser's search, home and new tab features in order to redirect web searches to the IAC property. The module gtdlghk64.dll, “Mindspark Toolbar Platform” by Mindspark Interactive Network has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. Additionally, the file is typically installed by a number of programs including PuzzleGamesDaily Internet Explorer Toolbar by Mindspark Interactive Network and GardeningEnthusiast Internet Explorer Toolbar by Mindspark Interactive Network, both potentially unwanted software.

File name:

gtdlghk64.dll

Publisher:

Mindspark (signed by Mindspark Interactive Network)

Product:

Mindspark Toolbar Platform for Internet Explorer

Description:

Mindspark Toolbar Platform

Version:

1.0.7.247

MD5:

c120998d06bf3198dc39a6f6b48a636d

SHA-1:

91a1945b67fdac24927152c53795b414d777b0b1

SHA-256:

ecdc1f353e0c6022832e960e594a31b02f224b70cfe05d25f3335de849e7b64d

Scanner detections:

1 / 68

Status:

Potentially unwanted

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

11/23/2024 8:06:06 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Mindspark (M)

17.3.16.9

File size:

144 KB (147,480 bytes)

Product version:

2.5.15.15

Original file name:

t8DlgHk64.dll

File type:

Dynamic link library (Win64 DLL)

Language:

English (United States)

Common path:

C:\Program Files\gamingwonderland\bar\1.bin\gtdlghk64.dll

Digital Signature

Signed by:

Mindspark Interactive Network

Authority:

VeriSign, Inc.

Valid from:

4/19/2015 5:00:00 PM

Valid to:

6/18/2018 4:59:59 PM

Subject:

CN=Mindspark Interactive Network, O=Mindspark Interactive Network, L=Yonkers, S=New York, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

438D4291E43C2DFFEEAAAEE5B6C070B5

File PE Metadata

Compilation timestamp:

5/8/2015 8:56:05 AM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

10.0

Entry address:

0xC2E8

Entry point:

48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, FB, 3D, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, A7, FE, FF, FF, CC, CC, CC, EB, 07, 3A, C2, 74, 0D, 48, FF, C1, 8A, 01, 84, C0, 75, F3, 3A, C2, 75, 04, 48, 8B, C1, C3, 33, C0, C3, CC, CC, 48, 89, 4C, 24, 08, 48, 81, EC, 88, 00, 00, 00, 48, 8D, 0D, 79, 58, 01, 00, FF, 15, B3, AF, 00, 00, 48, 8B, 05, 64, 59, 01, 00, 48, 89, 44, 24... 
[+]

Entropy:

6.1335

Code size:

85 KB (87,040 bytes)

The file gtdlghk64.dll has been discovered within the following programs.

Cats and Catapults Internet Explorer Toolbar by Mindspark Interactive Network

Publisher's description - “When you installed one of our applications you were presented with the option to change your homepage and search settings to Ask.com. ”

support.mindspark.com

68% remove it

DailyBibleGuide Internet Explorer Toolbar by Mindspark Interactive Network

DailyBibleGuide is a Mindspark web browser toolbar that is designed to modify the users search and home pages to Ask.com (or MyWebSearch).

68% remove it

DictionaryBoss Internet Explorer Toolbar by Mindspark Interactive Network

Installs a potentailly unwanted Ask.com powered toolbr - "As part of the download process for the Toolbar, you may be given the option to reset your homepage and/or reset your new tab page to an Ask® home page and new tab product.

71% remove it

EasyMailLogin Internet Explorer Toolbar by Mindspark Interactive Network

66% remove it

EasyPDFCombine Internet Explorer Toolbar by Mindspark Interactive Network

63% remove it

EverydayLookup Internet Explorer Toolbar by Mindspark Interactive Network

63% remove it

FreeMaps Internet Explorer Toolbar by Mindspark Interactive Network

61% remove it

GardeningEnthusiast Internet Explorer Toolbar by Mindspark Interactive Network

Publisher's description - “The My Web Search Toolbar, in the course of processing a given search query, sends a request to our servers.”

70% remove it

HomeworkSimplified Internet Explorer Toolbar by Mindspark Interactive Network

71% remove it

HowToSimplified Internet Explorer Toolbar by Mindspark Interactive Network

74% remove it

Latest 20 of 20 programs

Remove gtdlghk64.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.