What is DailyWellnessGuide Internet Explorer Toolbar?

DailyWellnessGuide Internet Explorer Toolbar is software application developed by Mindspark Interactive Network. It is most commonly found on computers running Windows 7 with nearly 45.95% of installations running this operating system. DailyWellnessGuide Internet Explorer Toolbar's installer is typically 8.00 MB in size and installs around 53 files.

DailyWellnessGuide Internet Explorer Toolbar is most popular in the United States with 84.82% of installations residing in this country.

DailyWellnessGuide Internet Explorer Toolbar adds 1 scheduled task to the Windows Task Scheduler launching the program at randomly scheduled times.

Multiple virus scanners have detected malware in DailyWellnessGuide Internet Explorer Toolbar.

AppIntegrator64.exe (MD5: 143d634f4f93155d3a4d430c2cf60d11) has been flagged by 16 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.10.09.00	PUP/Win32.MyWebSearch
Antiy-AVL	1.0.0.1	RiskWare[WebToolbar:not-a-virus]/Win32.MyWebSearch
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	14.0.0.4037	Zango
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.Aki
Fortinet FortiGate	5.1.152.0	Riskware/MyWebSearch
Kaspersky	12.0.0.1225	not-a-virus:WebToolbar.Win32.MyWebSearch.si
Malwarebytes	1.75.0.1	PUP.Optional.MindSpark
Panda Antivirus	10.0.4.2	Adware/WebSearch
Qihoo-360	1.0.0.1015	Win32/Virus.WebToolbar.30b
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Dvqb
VIPRE Antivirus	33754	MyWebSearch.J (v) (not malicious)
Bkav FE	1.3.0.4613	W32.Clodc29.Trojan.ff33
Dr.Web		Adware.BGuard.38
ESET-NOD32	9264	Win32/Toolbar.MyWebSearch.W
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.F47V0701

APPINTEGRATOR.EXE (MD5: b6940fe9d6fc34ef59f1028ae6018fe1) has been flagged by 20 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.10.30.00	PUP/Win32.MyWebSearch
Antiy-AVL	1.0.0.1	RiskWare[WebToolbar:not-a-virus]/Win32.MyWebSearch
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	14.0.0.4040	MyWebSearch
AVware	1.5.0.21	MyWebSearch.J (v)
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.am
ESET-NOD32	10639	a variant of Win32/Toolbar.MyWebSearch.AJ
Fortinet FortiGate	5.0.999.0	Riskware/MyWebSearch
G Data	24	Win32.Adware.Mindspark.C
Kaspersky	12.0.0.1225	not-a-virus:WebToolbar.Win32.MyWebSearch.si
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.MyWebSearch.si.(kcloud)
Malwarebytes	1.75.0.1	PUP.Optional.MindSpark
Qihoo-360	1.0.0.1015	Win32/Virus.WebToolbar.30b
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Pgcq
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0812
VIPRE Antivirus	34342	MyWebSearch.J (v) (not malicious)
Zillya	2.0.0.1966	Adware.MyWebSearch.Win32.1392
Panda Antivirus	10.0.4.2	Adware/WebSearch
Bkav FE	1.3.0.4613	W32.Clodc29.Trojan.ff33
Dr.Web		Adware.BGuard.38

80brmon.exe (MD5: 35d6caaa9e4d82974a74dbdb53801f98) has been flagged by 8 scanners:

Scanner Software	Version	Result
Antiy-AVL	2.0.3.7	Trojan/win32.agent.gen
avast!	8.0.1489.320	Win32:PUP-gen [PUP]
AVG	13.0.0.3169	AdInstaller.FunWeb
Bkav FE	1.3.0.4613	W32.Clodc29.Trojan.ff33
Dr.Web		Adware.BGuard.38
ESET-NOD32	9264	Win32/Toolbar.MyWebSearch.W
VIPRE Antivirus	25220	MyWebSearch.J (v) (not malicious)
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.F47V0701

NP80Stub.dll (MD5: e4ec46e77d08a415c04db6ccd897e708) has been flagged by 4 scanners:

Scanner Software	Version	Result
AVG	10.0.0.1190	Zango
ESET-NOD32	8677	Win32/Toolbar.MyWebSearch.T
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.F47V0701
VIPRE Antivirus	20414	MyWebSearch.J (v) (not malicious)

80SrchMn.exe (MD5: 3c93215de9cc97c60b1892ad8dbe4411) has been flagged by 20 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.11.14.00	Trojan/Win32.Buzus
Antiy-AVL	1.0.0.1	RiskWare[WebToolbar:not-a-virus]/Win32.MyWebSearch
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	15.0.0.4189	MyWebSearch
AVware	1.5.0.21	MyWebSearch.J (v)
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.abZ
ESET-NOD32	10722	a variant of Win32/Toolbar.MyWebSearch.AJ
Fortinet FortiGate	5.0.999.0	Riskware/MyWebSearch
G Data	24	Win32.Adware.Mindspark.C
Kaspersky	12.0.0.1225	not-a-virus:WebToolbar.Win32.MyWebSearch.si
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.MyWebSearch.si.(kcloud)
Malwarebytes	1.75.0.1	PUP.Optional.MindSpark
Qihoo-360	1.0.0.1015	Win32/Virus.WebToolbar.30b
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Lmut
VIPRE Antivirus	34774	MyWebSearch.J (v) (not malicious)
Zillya	2.0.0.1982	Adware.MyWebSearch.Win32.1351
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0812
Panda Antivirus	10.0.4.2	Adware/WebSearch
Bkav FE	1.3.0.4613	W32.Clodc29.Trojan.ff33
Dr.Web		Adware.BGuard.38

Software Behaviors

Services:

80barsvc.exe runs as a service named 'InboxNowService' (InboxNow_drService).

Scheduled tasks:

AppIntegrator64.exe is scheduled as a task named 'Price Fountain' (runs daily at 4:45 PM).

Startup Entries

Startup tasks:

AppIntegrator64.exe is automatically launched at startup through a scheduled task named 7.
80SrchMn.exe is automatically launched at startup through a scheduled task named 3.
80medint.exe is automatically launched at startup through a scheduled task named 2.
80brmon.exe is automatically launched at startup through a scheduled task named 4.
APPINTEGRATOR.EXE is automatically launched at startup through a scheduled task named OnlineMapFinder AppIntegrator 32-bit_Reg_HKLMWow6432Run.

Registry entries:

80medint.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'MapsGalaxy EPM Support' and executes as "C:\Program Files2\MAPSGA~2\bar\1.bin\39medint.exe" T8EPMSUP.DLL,S.
APPINTEGRATOR.EXE is loaded in the current user (HKCU) registry as an auto-starting executable named 'PowerSuite' and executes as "C:\Program Files1\Uniblue\POWERS~1\launcher.exe" delay 20000 -m.
AppIntegrator64.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Hoolapp Android' and executes as "C:\users\user\appdata\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized.
80brmon.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'ctfmon.exe' and executes as C:\Program Files3\rundll32.exe C:\Program Files3\lni28.dat,FG00.
80SrchMn.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Hoolapp Android' and executes as "C:\users\user\appdata\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized.

Software Details

URL:

https://support.mindspark.com

Support:

–

Installation path:

C:\Program Files\DailyWellnessGuide_80\bar\1.bin

Uninstaller:

rundll32 "C:\Program Files\DailyWellnessGuide_80\bar\1.bin\80Bar.dll",O mindsparktoolbarkey="DailyWellnessGuide_80" uninstalltype="IE"

Size:

8.00 MB

Language: