mwsBar.dll

My Web Search Bar for Internet Explorer, FireFox, Netscape, email clients, and messenger clients

Fun Web Products

The module mwsBar.dll, “My Web Search Bar” by Fun Web Products has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
MyWebSearch.com  (signed by Fun Web Products)

Product:
My Web Search Bar for Internet Explorer, FireFox, Netscape, email clients, and messenger clients

Description:
My Web Search Bar

Version:
2, 3, 50, 55

MD5:
4eb81b9048938d702005eb6d9b86f967

SHA-1:
099fb1825b82fb7f285bd0801b0677a5a0ab5416

SHA-256:
d14eab34b17bfb93297aae2ef8249970eaf798320bc0860c43ed8df8ab1d6742

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the MyWebSearch/Mindspark/Ask web browser extension and toolbar.

Analysis date:
12/23/2024 10:21:29 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.MyWebSearch (M)
16.10.17.22

File size:
441.4 KB (452,016 bytes)

Product version:
2, 3, 50, 55

Copyright:
Copyright © 2003, 2004, 2005, 2006, 2007, 2008, 2009

Original file name:
mwsBar.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\mywebsearch\bar\1.bin\mwsbar.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
12/17/2008 6:00:00 PM

Valid to:
1/20/2010 5:59:59 PM

Subject:
CN=Fun Web Products, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Fun Web Products, L=White Plains, S=New York, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7469E97907F383E4FF81AE9B045C64AA

File PE Metadata
Compilation timestamp:
9/2/2009 8:34:56 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:NkpaTGoI8E2SJ5oQjrWTTCds8NBsxvkawYp:upaCH8DC5ljq6ds84sI

Entry address:
0x1DD50

Entry point:
FF, 74, 24, 0C, FF, 74, 24, 0C, FF, 74, 24, 0C, E8, 5D, E4, FE, FF, C2, 0C, 00, FF, 15, C0, 31, 04, 10, 33, C0, C3, A1, A0, D8, 04, 10, 56, 85, C0, 75, 13, FF, 74, 24, 08, 50, FF, 35, 40, D8, 04, 10, FF, 15, 50, 31, 04, 10, 5E, C3, 8B, 0D, A4, D8, 04, 10, 8B, 15, 9C, D8, 04, 10, FF, 05, A4, D8, 04, 10, 23, D1, 8B, 34, 90, 8B, 44, 24, 08, 83, C0, 08, 50, 6A, 00, 56, FF, 15, 50, 31, 04, 10, 85, C0, 74, 07, 89, 30, 83, C0, 08, 5E, C3, 33, C0, 5E, C3, 8B, 44, 24, 04, 0F, AF, 44, 24, 08, 50, E8, 9D, FF, FF, FF...
 
[+]

Entropy:
6.2206

Code size:
264 KB (270,336 bytes)

Remove mwsBar.dll - Powered by Reason Core Security