Home
Library
Mindspark Interactive Network
EasyHomeDecorating Internet Explorer Toolbar

EasyHomeDecorating Internet Explorer Toolbar

Known Toolbar

What is EasyHomeDecorating Internet Explorer Toolbar?

EasyHomeDecorating Internet Explorer Toolbar is software application developed by Mindspark Interactive Network. It is most commonly found on computers running Windows 7 with nearly 50.00% of installations running this operating system. EasyHomeDecorating Internet Explorer Toolbar's installer is typically 8.00 MB in size and installs around 51 files.

EasyHomeDecorating Internet Explorer Toolbar is most popular in the United States with 82.13% of installations residing in this country.

EasyHomeDecorating Internet Explorer Toolbar adds 3 scheduled tasks to the Windows Task Scheduler launching the program at randomly scheduled times.

About EasyHomeDecorating Internet Explorer Toolbar?

During the Toolbar download process, users may be presented with the option to set their Internet browser's homepage and new tab page to an Ask homepage and new tab product. If users do not intend to modify these settings, they may opt-out of the Ask homepage and new tab product features by selecting or deselecting the corresponding checkboxes during the Toolbar download process.

Multiple virus scanners have detected malware in EasyHomeDecorating Internet Explorer Toolbar.

AppIntegrator64.exe (MD5: dde9c9b89b413a5868d7358511db5a6a) has been flagged by 14 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.10.25.00	PUP/Win32.MyWebSearch
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	14.0.0.4040	MyWebSearch
AVware	1.5.0.21	MyWebSearch.J (v)
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.bQ
Kaspersky	12.0.0.1225	not-a-virus:WebToolbar.Win32.MyWebSearch.si
Malwarebytes	1.75.0.1	PUP.Optional.MindSpark
Qihoo-360	1.0.0.1015	Win32/Virus.WebToolbar.30b
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Wwof
VIPRE Antivirus	34214	MyWebSearch.J (v) (not malicious)
Antiy-AVL	2.0.3.7	Trojan/win32.agent.gen
Bkav FE	1.3.0.4613	W32.Clodc29.Trojan.ff33
Dr.Web		Adware.BGuard.38
ESET-NOD32	9264	Win32/Toolbar.MyWebSearch.W

APPINTEGRATOR.EXE (MD5: b83db01d9e4bd53c9b65214806b54eb7) has been flagged by 25 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.11.21.00	PUP/Win32.MyWebSearch
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	15.0.0.4189	MyWebSearch
AVware	1.5.0.21	MyWebSearch.J (v)
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.bQ
ESET-NOD32	10755	a variant of Win32/Toolbar.MyWebSearch.AJ
Fortinet FortiGate	5.0.999.0	Riskware/MyWebSearch
G Data	24	Win32.Adware.Mindspark.C
Kaspersky	15.0.1.10	not-a-virus:WebToolbar.Win32.MyWebSearch.si
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.MyWebSearch.si.(kcloud)
Malwarebytes	1.75.0.1	PUP.Optional.MindSpark
Qihoo-360	1.0.0.1015	Win32/Virus.WebToolbar.30b
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Pepp
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V1106
VIPRE Antivirus	34964	MyWebSearch.J (v) (not malicious)
Zillya	2.0.0.1988	Adware.MyWebSearch.Win32.1695
Agnitum Outpost	5.5.1.3	PUA.Toolbar.MyWebSearch!
Clam AntiVirus	0.98.4.0	Win.Adware.Mywebsearch-70
Antiy-AVL	2.0.3.7	Trojan/Win32.Generic
Bkav FE	1.3.0.4613	W32.Cloddd7.Trojan.8c0b
Dr.Web		Adware.MyWebSearch.47
K7 AntiVirus	9.175.10766	Trojan ( 0047e1181 )
K7GW	9.175.10766	Trojan ( 0047e1181 )
NANO AntiVirus	0.28.0.57029	Trojan.Win32.MyWebSearch.crhhqy
nProtect	2014-01-08.01	Trojan/W32.Agent.44784.D

73brmon.exe (MD5: 35d6caaa9e4d82974a74dbdb53801f98) has been flagged by 7 scanners:

Scanner Software	Version	Result
Antiy-AVL	2.0.3.7	Trojan/win32.agent.gen
avast!	8.0.1489.320	Win32:PUP-gen [PUP]
AVG	13.0.0.3169	AdInstaller.FunWeb
Bkav FE	1.3.0.4613	W32.Clodc29.Trojan.ff33
Dr.Web		Adware.BGuard.38
ESET-NOD32	9264	Win32/Toolbar.MyWebSearch.W
VIPRE Antivirus	25220	MyWebSearch.J (v) (not malicious)

NP73Stub.dll (MD5: ee73ac30ad862807a2b43a31e77acfa6) has been flagged by 23 scanners:

Scanner Software	Version	Result
Agnitum Outpost	5.5.1.3	PUA.Toolbar.MyWebSearch!
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	14.0.0.4040	MyWebSearch
AVware	1.5.0.21	MyWebSearch.J (v)
Clam AntiVirus	0.98.4.0	Win.Adware.Mywebsearch-70
ESET-NOD32	10565	a variant of Win32/Toolbar.MyWebSearch.AI
G Data	24	Win32.Adware.Mindspark.C
Kaspersky	12.0.0.1225	not-a-virus:WebToolbar.Win32.MyWebSearch.sz
Malwarebytes	1.75.0.1	PUP.Optional.MindSpark
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Anfn
VIPRE Antivirus	33934	MyWebSearch.J (v) (not malicious)
Zillya	2.0.0.1955	Adware.MyWebSearch.Win32.766
Antiy-AVL	2.0.3.7	Trojan/Win32.Generic
Bkav FE	1.3.0.4613	W32.Cloddd7.Trojan.8c0b
Dr.Web		Adware.MyWebSearch.47
K7 AntiVirus	9.175.10766	Trojan ( 0047e1181 )
K7GW	9.175.10766	Trojan ( 0047e1181 )
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Undef.(kcloud)
NANO AntiVirus	0.28.0.57029	Trojan.Win32.MyWebSearch.crhhqy
nProtect	2014-01-08.01	Trojan/W32.Agent.44784.D
AhnLab-V3	2014.10.25.00	PUP/Win32.MyWebSearch
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.bQ
Qihoo-360	1.0.0.1015	Win32/Virus.WebToolbar.30b

73SrchMn.exe (MD5: fb85f333d10b1475650c4304f99a1ece) has been flagged by 19 scanners:

Scanner Software	Version	Result
Antiy-AVL	2.0.3.7	Trojan/Win32.Generic
avast!	8.0.1489.320	Win32:Mindspark-A [PUP]
AVG	13.0.0.3169	Skodna.Generic.AOF
Bkav FE	1.3.0.4613	W32.Cloddd7.Trojan.8c0b
Dr.Web		Adware.MyWebSearch.47
ESET-NOD32	9262	Win32/Toolbar.MyWebSearch.W
K7 AntiVirus	9.175.10766	Trojan ( 0047e1181 )
K7GW	9.175.10766	Trojan ( 0047e1181 )
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Undef.(kcloud)
NANO AntiVirus	0.28.0.57029	Trojan.Win32.MyWebSearch.crhhqy
nProtect	2014-01-08.01	Trojan/W32.Agent.44784.D
VIPRE Antivirus	25210	MyWebSearch.J (v) (not malicious)
AhnLab-V3	2014.10.25.00	PUP/Win32.MyWebSearch
AVware	1.5.0.21	MyWebSearch.J (v)
Baidu-International	3.5.1.41473	Adware.Win32.MyWebSearch.bQ
Kaspersky	12.0.0.1225	not-a-virus:WebToolbar.Win32.MyWebSearch.si
Malwarebytes	1.75.0.1	PUP.Optional.MindSpark
Qihoo-360	1.0.0.1015	Win32/Virus.WebToolbar.30b
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Wwof

Software Behaviors

Services:: 73barsvc.exe runs as a service named 'InboxNowService' (InboxNow_drService).
Scheduled tasks:: AppIntegrator64.exe is scheduled as a task named 'Price Fountain' (runs daily at 4:45 PM).

73medint.exe is scheduled as a task with the class '{CEC2F177-6434-48CF-AEA5-AB1F3AD5E60A}' (runs on registration).

73SrchMn.exe is scheduled as a task named 'MetaCrawler' (runs daily at 15:24).

Startup Entries

Startup tasks:: AppIntegrator64.exe is automatically launched at startup through a scheduled task named 7.

73SrchMn.exe is automatically launched at startup through a scheduled task named 3.

73medint.exe is automatically launched at startup through a scheduled task named 2.

73brmon.exe is automatically launched at startup through a scheduled task named 4.

APPINTEGRATOR.EXE is automatically launched at startup through a scheduled task named OnlineMapFinder AppIntegrator 32-bit_Reg_HKLMWow6432Run.
Registry entries:: 73medint.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'MapsGalaxy EPM Support' and executes as "C:\Program Files2\MAPSGA~2\bar\1.bin\39medint.exe" T8EPMSUP.DLL,S.

APPINTEGRATOR.EXE is loaded in the current user (HKCU) registry as an auto-starting executable named 'PowerSuite' and executes as "C:\Program Files1\Uniblue\POWERS~1\launcher.exe" delay 20000 -m.

AppIntegrator64.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Hoolapp Android' and executes as "C:\users\user\appdata\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized.

73brmon.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'ctfmon.exe' and executes as C:\Program Files3\rundll32.exe C:\Program Files3\lni28.dat,FG00.

73SrchMn.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Hoolapp Android' and executes as "C:\users\user\appdata\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized.

Software Details

URL:: https://support.mindspark.com
Support:: –
Installation path:: C:\Program Files\EasyHomeDecorating_73\bar\1.bin
Uninstaller:: rundll32 "C:\Program Files\EasyHomeDecorating_73\bar\1.bin\73Bar.dll",O mindsparktoolbarkey="EasyHomeDecorating_73" uninstalltype="IE"
Size:: 8.00 MB
Language:: English

EasyHomeDecorating Internet Explorer Toolbar Executable Details

Primary executable:: 73bar.dll
Name:: EasyHomeDecorating Internet Explorer Toolbar
Path:: C:\Program Files\EasyHomeDecorating_73\bar\1.bin\73bar.dll
MD5:: f86336c978311761bc3e2a80b08d46bc
SHA-1:: –
SHA-256:: –

Files installed by EasyHomeDecorating Internet Explorer Toolbar

File Type	Filename	MD5
DLL	73dlghk.dll	a90bf4411ebff8b342c21c1a647b513b
DLL	73datact.dll	298bfa5c34ce7cb9bfcc4bcc3966daee
DLL	73bprtct.dll	93da07f94d74c54c75d6000090799f70
EXE	73barsvc.exe Malware	eb0b3c1577773cb81ebc0a2507fccfdc
DLL	73reghk.dll	071d962e0e256dcf0b360b59ad6897eb
DLL	73hkstub.dll	98e56fd43f64538baa9b1f367951091f
DLL	73regiet.dll	a4c73c71941826db74af6598336eda99
DLL	73regfft.dll	5de55f0f8967fdb31ee5b259a5aba975
EXE	73medint.exe Malware	4de35f24efb8446518e0586fd54043b8
EXE	73highin.exe	635f5e4b01597d0baf2422245c8ff541